www.underluckystars.com Open in urlscan Pro
54.209.91.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://underluc.ky/ninitzd
Effective URL:
https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_sour...
Submission: On June 03 via manual (June 3rd 2024, 8:32:05 pm UTC) from CO — Scanned from DE

Summary HTTP 179 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 50 IPs in 7 countries across 35 domains to perform 179 HTTP transactions. The main IP is 54.209.91.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.underluckystars.com.
TLS certificate: Issued by R3 on May 10th 2024. Valid for: 3 months.

This is the only time www.underluckystars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.216.41.5 52.216.41.5	16509 (AMAZON-02) (AMAZON-02)
10	54.209.91.188 54.209.91.188	14618 (AMAZON-AES) (AMAZON-AES)
30	2600:9000:237... 2600:9000:237d:ca00:1a:5a9d:d440:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42::720 2a04:4e42::720	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1	108.138.40.243 108.138.40.243	16509 (AMAZON-02) (AMAZON-02)
9	95.100.146.9 95.100.146.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:e30... 2a02:26f0:e300:298::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:20a... 2600:9000:20ae:1c00:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:237... 2600:9000:237d:e000:d:40c2:7fc0:21	16509 (AMAZON-02) (AMAZON-02)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
1 8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
3	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
7	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	52.6.21.232 52.6.21.232	14618 (AMAZON-AES) (AMAZON-AES)
12	52.57.28.205 52.57.28.205	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
9	2606:4700::c6... 2606:4700::c6d9:fbfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:7628::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.239.192.187 54.239.192.187	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:d600:3:760:2800:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:26d... 2600:9000:26da:9200:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
1 2	34.247.125.229 34.247.125.229	16509 (AMAZON-02) (AMAZON-02)
5	20.57.85.160 20.57.85.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.120.210.155 104.120.210.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	2606:4700::c6... 2606:4700::c6d9:fbfa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
179	50

1 52.216.41.5 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: s3-website-us-east-1.amazonaws.com

underluc.ky	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.209.91.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com

www.underluckystars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:237d:ca00:1a:5a9d:d440:21 (United States)

ASN16509 (AMAZON-02, US)

d3j4c7e2o820k1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::720 (United States)

ASN54113 (FASTLY, US)

uls-photos.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.243 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-243.muc50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.100.146.9 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-9.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:e300:298::1931 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20ae:1c00:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:e000:d:40c2:7fc0:21 (United States)

ASN16509 (AMAZON-02, US)

dv1tfaz68u60v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.21.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-21-232.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.57.28.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::c6d9:fbfb (United States)

ASN13335 (CLOUDFLARENET, US)

songbird.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
centinelapi.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
writer.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.192.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-187.muc50.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:d600:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:9200:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.125.229 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-125-229.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.57.85.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.120.210.155 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-120-210-155.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

underluckystars.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::c6d9:fbfa (United States)

ASN13335 (CLOUDFLARENET, US)

geo.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	cloudfront.net d3j4c7e2o820k1.cloudfront.net d2hrivdxn8ekm8.cloudfront.net dv1tfaz68u60v.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net	497 KB
20	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	8 KB
17	braintreegateway.com client-analytics.braintreegateway.com — Cisco Umbrella Rank: 11865 assets.braintreegateway.com — Cisco Umbrella Rank: 26337	6 KB
10	cardinalcommerce.com songbird.cardinalcommerce.com — Cisco Umbrella Rank: 31663 centinelapi.cardinalcommerce.com — Cisco Umbrella Rank: 26599 geo.cardinalcommerce.com — Cisco Umbrella Rank: 27204 writer.cardinalcommerce.com — Cisco Umbrella Rank: 29124	185 KB
10	underluckystars.com www.underluckystars.com	36 KB
9	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 968	148 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1040 e.clarity.ms — Cisco Umbrella Rank: 76000 c.clarity.ms — Cisco Umbrella Rank: 1720	29 KB
8	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1212	6 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3472 ekr.zdassets.com — Cisco Umbrella Rank: 4202	363 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1225 tr6.snapchat.com — Cisco Umbrella Rank: 1385	690 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 513 c.bing.com — Cisco Umbrella Rank: 289	14 KB
4	imgix.net uls-photos.imgix.net	338 KB
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2473 www.google.com — Cisco Umbrella Rank: 7	338 B
3	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1294	1 KB
3	t.co t.co — Cisco Umbrella Rank: 791	900 B
3	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 3293 alb.reddit.com — Cisco Umbrella Rank: 2005	836 B
3	quora.com a.quora.com — Cisco Umbrella Rank: 9490 q.quora.com — Cisco Umbrella Rank: 5487	16 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 102	270 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 9798	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5776	127 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 195 googleads.g.doubleclick.net — Cisco Umbrella Rank: 79	275 B
2	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 15373 underluckystars.zendesk.com	2 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 12966	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1371	22 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1594	13 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 5914	828 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 174	2 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1221	15 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1458	20 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 6048	18 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 4625	64 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 101	1 KB
1	underluc.ky 1 redirects underluc.ky	392 B
179	35

	Domain	Requested by
30	d3j4c7e2o820k1.cloudfront.net	www.underluckystars.com d3j4c7e2o820k1.cloudfront.net
20	www.facebook.com	www.underluckystars.com
12	client-analytics.braintreegateway.com	browser.sentry-cdn.com
10	www.underluckystars.com	www.underluckystars.com browser.sentry-cdn.com a.quora.com
9	analytics.tiktok.com	www.underluckystars.com analytics.tiktok.com
8	ct.pinterest.com	browser.sentry-cdn.com s.pinimg.com
6	static.zdassets.com	www.underluckystars.com assets.zendesk.com static.zdassets.com
5	e.clarity.ms	browser.sentry-cdn.com
5	songbird.cardinalcommerce.com	d3j4c7e2o820k1.cloudfront.net songbird.cardinalcommerce.com
5	assets.braintreegateway.com	d3j4c7e2o820k1.cloudfront.net
4	tr.snapchat.com	sc-static.net
4	uls-photos.imgix.net	www.underluckystars.com
3	analytics.twitter.com	www.underluckystars.com
3	t.co	www.underluckystars.com
3	d2hrivdxn8ekm8.cloudfront.net	www.underluckystars.com d2hrivdxn8ekm8.cloudfront.net
3	bat.bing.com	www.underluckystars.com bat.bing.com
3	connect.facebook.net	www.underluckystars.com connect.facebook.net
3	www.googletagmanager.com	www.underluckystars.com www.googleoptimize.com
2	writer.cardinalcommerce.com	browser.sentry-cdn.com
2	c.clarity.ms	1 redirects
2	centinelapi.cardinalcommerce.com	browser.sentry-cdn.com
2	segment.prod.bidr.io	1 redirects www.underluckystars.com
2	d1lu3pmaz2ilpx.cloudfront.net	browser.sentry-cdn.com
2	q.quora.com	www.underluckystars.com
2	www.google.de	www.underluckystars.com
2	region1.analytics.google.com	www.googletagmanager.com
2	alb.reddit.com	www.underluckystars.com
2	payments.braintree-api.com	browser.sentry-cdn.com
2	s.pinimg.com	www.underluckystars.com s.pinimg.com
2	www.redditstatic.com	www.underluckystars.com browser.sentry-cdn.com
2	www.clarity.ms	www.underluckystars.com www.clarity.ms
1	geo.cardinalcommerce.com	songbird.cardinalcommerce.com
1	c.bing.com	1 redirects
1	underluckystars.zendesk.com	static.zdassets.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	d330aiyvva2oww.cloudfront.net	browser.sentry-cdn.com
1	dvqigh9b7wa32.cloudfront.net	browser.sentry-cdn.com
1	tr6.snapchat.com	sc-static.net
1	ekr.zdassets.com	assets.zendesk.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	pixel-config.reddit.com	browser.sentry-cdn.com
1	assets.zendesk.com	1 redirects
1	dv1tfaz68u60v.cloudfront.net	www.underluckystars.com
1	fonts.gstatic.com	fonts.googleapis.com
1	a.quora.com	www.underluckystars.com
1	static.ads-twitter.com	www.underluckystars.com
1	sc-static.net	www.underluckystars.com
1	browser.sentry-cdn.com	www.underluckystars.com
1	www.googleoptimize.com	www.underluckystars.com
1	fonts.googleapis.com	www.underluckystars.com
1	underluc.ky	1 redirects
179	54

This site contains links to these domains. Also see Links.

Domain
www.paypal.com
www.facebook.com
instagram.com
support.underluckystars.com

Subject Issuer	Validity	Valid
www.underluckystars.com R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-13` - `2024-06-11`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
quora.com R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
*.googleadservices.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.de WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.quora.com R3	`2024-06-02` - `2024-08-31`	3 months	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
*.cardinalcommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-03-28`	a year	crt.sh
zdassets.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
underluckystars.zendesk.com Cloudflare Inc ECC CA-3	`2024-03-07` - `2024-12-31`	10 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Frame ID: 1C34B2D9416D2F27B6520DBB64B7D6A1
Requests: 158 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 587E9E17A26DAF3934045B33F3F79151
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=eda2b568-c489-4298-9afc-850b0d216edd&u_scsid=dcfb9603-cc03-4cbb-9f83-1e551639f31d&u_sclid=795fea87-599c-49d7-91ba-9b6dcea83a32
Frame ID: F20187F8637AF798BA364576BAC58731
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.97.1/html/hosted-fields-frame.min.html
Frame ID: AEB91DED00725A78FEE8C581272E0C78
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.97.1/html/hosted-fields-frame.min.html
Frame ID: C899B04053F34191A8FA22F12890FE8F
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.97.1/html/hosted-fields-frame.min.html
Frame ID: ECC54A7721494E9BE63E039C81F3B11C
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.97.1/html/hosted-fields-frame.min.html
Frame ID: 1AE9F2DFE971F96360505ED8280E6BB3
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js
Frame ID: C6C27574EDDA958C89E4AB6EBDBC13F4
Requests: 6 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: DF2AB9CF973F69ECFA53028BF40977E0
Requests: 1 HTTP requests in this frame

Frame: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=642b9141e4c4446a03aff065&tmEventType=PAYMENT&referenceId=0_59dca058-4a20-47e2-8d4b-c3e3730bba17&geolocation=false&origin=Songbird
Frame ID: FB6B6503CD5ABA72E62310EB0245AB5B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personalized Star Maps - Under Lucky Stars

Page URL History Show full URLs

http://underluc.ky/ninitzd HTTP 307
https://underluc.ky/ninitzd HTTP 307
http://underluc.ky/ninitzd HTTP 301
https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm... Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

179
Requests

97 %
HTTPS

42 %
IPv6

35
Domains

54
Subdomains

50
IPs

7
Countries

2169 kB
Transfer

5410 kB
Size

42
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paypal.com/us/legalhub/home
Title: By paying with my card, I agree to the PayPal Privacy Statement.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/underluckystars/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/underluckystars
Title: Instagram

Search URL Search Domain Scan URL

URL: https://support.underluckystars.com/
Title: Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://underluc.ky/ninitzd HTTP 307
https://underluc.ky/ninitzd HTTP 307
http://underluc.ky/ninitzd HTTP 301
https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 110

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/867529107/?random=1950714659&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&label=k6PTCJTUzOwBEJPj1Z0D&hn=www.googleadservices.com&frm=0&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&gtm_ee=1&npa=1&pscdl=noapi&auid=367297318.1717446696&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIw4DcwaPAhgMVOXNBAh08aCNoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vd3d3LnVuZGVybHVja3lzdGFycy5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/867529107/?random=1950714659&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&label=k6PTCJTUzOwBEJPj1Z0D&hn=www.googleadservices.com&frm=0&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&gtm_ee=1&npa=1&pscdl=noapi&auid=367297318.1717446696&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIw4DcwaPAhgMVOXNBAh08aCNoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vd3d3LnVuZGVybHVja3lzdGFycy5jb20v&is_vtc=1&cid=CAQSGwDaQooLdxu_ZXVGzo3gpPYIaBzeQPIn3_P5dQ&random=3489190602 HTTP 302
https://www.google.de/pagead/1p-conversion/867529107/?random=1950714659&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&label=k6PTCJTUzOwBEJPj1Z0D&hn=www.googleadservices.com&frm=0&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&gtm_ee=1&npa=1&pscdl=noapi&auid=367297318.1717446696&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIw4DcwaPAhgMVOXNBAh08aCNoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vd3d3LnVuZGVybHVja3lzdGFycy5jb20v&is_vtc=1&cid=CAQSGwDaQooLdxu_ZXVGzo3gpPYIaBzeQPIn3_P5dQ&random=3489190602&ipr=y

Request Chain 141

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-5887&value=&uncacheplz=5347361538 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-5887&value=&uncacheplz=5347361538&_bee_ppp=1

Request Chain 160

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F865B8F990F048E8932B4659144683BF&RedC=c.clarity.ms&MXFR=3365E672D1B86ADA2A61F2E1D5B86449 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F865B8F990F048E8932B4659144683BF&MUID=229CC43F33A961253665D0AC327B608E

179 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 56103c21-6f7e-422a-936d-9db19ab864d4 Show response
www.underluckystars.com/en/pay/
Redirect Chain

http://underluc.ky/ninitzd
https://underluc.ky/ninitzd
http://underluc.ky/ninitzd
https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

58 KB
14 KB

591ms
328ms

Document
text/html

54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 02b220926c9cbc094afcdf4c29546ae5ec230ec6609663a1dc5542f109afc257

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, must-revalidate, no-store, private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 13697
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jun 2024 20:31:34 GMT
Expires: Mon, 03 Jun 2024 20:31:34 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446694&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sYJbSobxXM69n333NFVVGgPAZJ5lsTlfBpZ%2BTsTr0Rc%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446694&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sYJbSobxXM69n333NFVVGgPAZJ5lsTlfBpZ%2BTsTr0Rc%3D
Server: Apache
Vary: Accept-Encoding,Origin
Via: 1.1 vegur

Redirect headers

Content-Length: 0
Date: Mon, 03 Jun 2024 20:31:35 GMT
Location: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Server: AmazonS3
x-amz-id-2: 6lBdMn/DRdL+l9mPRmLBrLm5BBsXsc0NAF1pLutzAs9EO5R7/4HAS289wqdJQ9PZf0Hruk2QSl0=
x-amz-request-id: Q2DSYH9P1RFYJJ1G

GET
H2 200 1f6c243-278522f.css
d3j4c7e2o820k1.cloudfront.net/css/ 38 KB
7 KB 98ms
48ms Stylesheet
text/css 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j4c7e2o820k1.cloudfront.net/css/1f6c243-278522f.css
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: c691a7b42e61506e78aed654dd317bbf83137b6881554ad52ef79b682d40ea3e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:53:15 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 5900
x-cache: Hit from cloudfront
content-length: 6555
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717440795&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6be9Af7XvFZR3rxhk%2BKS4IR%2Fu3rV1Zr%2FqyP5qeY6rT4%3D
last-modified: Mon, 03 Jun 2024 18:25:37 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717440795&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6be9Af7XvFZR3rxhk%2BKS4IR%2Fu3rV1Zr%2FqyP5qeY6rT4%3D"}]}
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JpmaYdidJlSH6jMWmXutxAWKMJVdP_r2C3HEAkQ6hgNW35VBJMJt3g==
expires: Tue, 03 Jun 2025 18:53:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 156ms
61ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Roboto:wght@400&display=swap

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

598668082255f69b8585c4aa671f81b589335371e621a7363b7fff229b96731d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 20:31:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 20:31:35 GMT

GET
H2 200 454a62b-3f8b17e.css
d3j4c7e2o820k1.cloudfront.net/css/ 16 KB
4 KB 75ms
25ms Stylesheet
text/css 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j4c7e2o820k1.cloudfront.net/css/454a62b-3f8b17e.css
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e2b888cde4fbaf1772f4650957b0af44b10304bb30ae68c2e5ef2c82f065fd98

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:31:10 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 7224
x-cache: Hit from cloudfront
content-length: 3682
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717439470&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=op74mnCOez%2BxWAxnTPHvd3bBZv6ym80LaH8EvqS6Epg%3D
last-modified: Mon, 03 Jun 2024 18:25:37 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717439470&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=op74mnCOez%2BxWAxnTPHvd3bBZv6ym80LaH8EvqS6Epg%3D"}]}
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dii3HP9KNaT47dFrp13K6f2_XDZlobsRTXJYabYlwTMSWlI9blcpNg==
expires: Tue, 03 Jun 2025 18:31:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 158ms
71ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-867529107

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

812150c357212c1968f67598dbf5d157a964297a57627f43982261cf1fc1b335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84706
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 19:30:05 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jun 2024 20:31:35 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 175 KB
64 KB 182ms
68ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-WD5DG8M

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcde2bbf6f25e5f5c76cdb69778ffa0231dcee443ce60b36df9d3dde9b6d4567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64854
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 19:30:05 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jun 2024 20:31:35 GMT

GET
H2 200 small-logo-color.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/simpler/ 1 KB
902 B 66ms
17ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/simpler/small-logo-color.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 82e6b2b34e83923f085e9ca5a067be0fe19645060a8d4252d0e800fe328f99f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jul 2023 13:58:50 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 18:56:56 GMT
server: Apache
x-amz-cf-pop: MUC50-P2
age: 27412364
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 502
x-amz-cf-id: Rvw8lWe4CPyK4TjUL22i4zBhaLV9o1g1mLoW4WhNCPV7l83VWH-YKA==
expires: Sun, 21 Jul 2024 13:58:50 GMT

GET
H2 200 hamburger-menu.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/simpler/ 641 B
1 KB 65ms
16ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/simpler/hamburger-menu.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4a1d55a2259841c1012a041dc9aecb3b179e433d95bf75866dd75a1914bd68a7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 02 Oct 2023 09:42:29 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 21206945
x-cache: Hit from cloudfront
content-length: 308
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1696239749&s=f8xi5eqkIMRexRjYIkM5RoM2vq71MOxzrLx2bSa646E%3D
last-modified: Wed, 27 Sep 2023 17:15:22 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1696239749&s=f8xi5eqkIMRexRjYIkM5RoM2vq71MOxzrLx2bSa646E%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sBZm1Xv2DTiznXrnUwoGCjNXVbqzZljRfehF-Tvc3stzyANIjhZW7w==
expires: Tue, 01 Oct 2024 09:42:29 GMT

GET
H2 200 hamburger-menu-close.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/simpler/ 689 B
709 B 15ms
15ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/simpler/hamburger-menu-close.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 97e0619ba41d0bb6d802d9bc2d42116d639d514ccfd9cfe2a8c8d5a9f314a9a5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Sep 2023 08:40:21 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Fri, 15 Sep 2023 20:26:45 GMT
server: Apache
x-amz-cf-pop: MUC50-P2
age: 21988273
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 309
x-amz-cf-id: uFBgV_UeqYpT30d5Ch5z-NYe_iaY4AHVxcpFqgu2JX7XgXHr6L4Ckw==
expires: Sun, 22 Sep 2024 08:40:21 GMT

GET
H2 200 shield-blue.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 412 B
1 KB 17ms
15ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/shield-blue.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8ba3c8134207b8fe997e01aaeeb0da6a974e47613f74ed9db3ccb1934e86c3cf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 16:47:20 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 186255
x-cache: Hit from cloudfront
content-length: 276
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717260440&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=TpkMbmiE24%2FYV%2BIPXczWNvzqWqPclN17k4X7afhi4zY%3D
last-modified: Thu, 30 May 2024 19:42:45 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717260440&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=TpkMbmiE24%2FYV%2BIPXczWNvzqWqPclN17k4X7afhi4zY%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: n65aYhbIdb8j9LxaojaxSuVTbodMB0wvedcNiGi6pmKkxAJ7QycUrg==
expires: Sun, 01 Jun 2025 16:47:20 GMT

GET
H2 200 smile-blue.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 428 B
1 KB 16ms
16ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/smile-blue.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 15b310a6287387087766f691f465d80744d9585a7bc7f6b49152ba61fa521bce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 16:47:20 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 186255
x-cache: Hit from cloudfront
content-length: 271
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717260440&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=TpkMbmiE24%2FYV%2BIPXczWNvzqWqPclN17k4X7afhi4zY%3D
last-modified: Thu, 30 May 2024 19:42:45 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717260440&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=TpkMbmiE24%2FYV%2BIPXczWNvzqWqPclN17k4X7afhi4zY%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 62EPbgcMbpXJiXW2Ikm869t2WgJmB8c4lJtqweJe5o7mLkLD4Mqagw==
expires: Sun, 01 Jun 2025 16:47:20 GMT

GET
H2 200 leaf-blue.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 500 B
1 KB 32ms
31ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/leaf-blue.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 72adb1767c98a162d01c40662d39150e3686ffc63aaeb81f344e26e7b6ed3b8d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 16:47:20 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 186255
x-cache: Hit from cloudfront
content-length: 301
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717260440&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=TpkMbmiE24%2FYV%2BIPXczWNvzqWqPclN17k4X7afhi4zY%3D
last-modified: Thu, 30 May 2024 19:42:45 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717260440&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=TpkMbmiE24%2FYV%2BIPXczWNvzqWqPclN17k4X7afhi4zY%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ISEImyJp3iVAJFM48Kh61jS27dmVXi88eZWFUmKopbq5N1t9uYiygg==
expires: Sun, 01 Jun 2025 16:47:20 GMT

GET
H2 200 map-placeholder.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 3 KB
2 KB 30ms
16ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/map-placeholder.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 223ebff1459ded262b1e57e003cee79bb09877d144d41837884e01ce1d33a430

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 15:17:36 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 1314839
x-cache: Hit from cloudfront
content-length: 1081
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716131856&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=8RVJOhbb0uzVIPVi4btxUAngbHOLocbpfhlI3ALExK4%3D
last-modified: Fri, 17 May 2024 06:48:24 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716131856&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=8RVJOhbb0uzVIPVi4btxUAngbHOLocbpfhlI3ALExK4%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iHLJo8J72p46N0oSZ0YKFjiqn5jgbJD6i9-jzySpdHqG03nGO8Dpfg==
expires: Mon, 19 May 2025 15:17:36 GMT

GET
H2 200 room_1824_poster-moon.jpg
uls-photos.imgix.net/customer-photos/3d/ 55 KB
55 KB 223ms
173ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uls-photos.imgix.net/customer-photos/3d/room_1824_poster-moon.jpg?fit=crop&w=1080&h=1080&auto=compress,enhance,format

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

74ee5f96f25ee999335ab167113b586db5072a1259ad784021bfb91a705b0d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
x-content-type-options: nosniff
age: 784961
x-cache: HIT, MISS, MISS
x-imgix-id: a55b8019d076cc1f632e82eb24384f9b819a4998
cross-origin-resource-policy: cross-origin
content-length: 56068
x-served-by: cache-sjc1000147-SJC, cache-ams21024-AMS, cache-fra-eddf8230151-FRA
last-modified: Sat, 25 May 2024 18:28:54 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ecb3ab1ae6_PICT_20201111_105254-01.jpeg
uls-photos.imgix.net/customer-photos/ 30 KB
31 KB 227ms
177ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uls-photos.imgix.net/customer-photos/ecb3ab1ae6_PICT_20201111_105254-01.jpeg?fit=crop&w=1080&h=1080&auto=compress,enhance,format

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

63d798e2fd33f1ccc2d7b10c132d1ecdb830a5da196e99cb89d582db2ccc908d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
x-content-type-options: nosniff
age: 5149
x-cache: HIT, MISS, MISS
x-imgix-id: 58d6917e1eb89637916afca56ea8c055e9a3adb4
cross-origin-resource-policy: cross-origin
content-length: 31082
x-served-by: cache-sjc10056-SJC, cache-ams21021-AMS, cache-fra-eddf8230151-FRA
last-modified: Mon, 03 Jun 2024 19:05:46 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 4c9851d1b9_@kalicarcel.jpg
uls-photos.imgix.net/customer-photos/ 151 KB
151 KB 230ms
180ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uls-photos.imgix.net/customer-photos/4c9851d1b9_@kalicarcel.jpg?fit=crop&w=1080&h=1080&auto=compress,enhance,format

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

992ae0fe7f1625115780377ea0d7cf4dcf7b7a41022981c957a419959d67cf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
x-content-type-options: nosniff
age: 5149
x-cache: HIT, MISS, MISS
x-imgix-id: 544b49b6eb2697fbac859dd2a84d66e942c74d75
cross-origin-resource-policy: cross-origin
content-length: 154516
x-served-by: cache-sjc1000125-SJC, cache-ams12732-AMS, cache-fra-eddf8230151-FRA
last-modified: Mon, 03 Jun 2024 19:05:46 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 90ee8bb959_140383764_417971559259761_3125742206778204554_n.jpg
uls-photos.imgix.net/customer-photos/ 101 KB
102 KB 61ms
11ms Image
image/avif 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uls-photos.imgix.net/customer-photos/90ee8bb959_140383764_417971559259761_3125742206778204554_n.jpg?fit=crop&w=1080&h=1080&auto=compress,enhance,format

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

60225727403c85eb1f1cc5a03cce4a45194b972c051ae993928cf85a3c17a193

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
x-content-type-options: nosniff
age: 1335709
x-cache: MISS, MISS, HIT
x-imgix-id: 4d89442e013cdad3a0c01ac4fff4a4b23b7a4a3f
cross-origin-resource-policy: cross-origin
content-length: 103872
x-served-by: cache-sjc10029-SJC, cache-ams12754-AMS, cache-fra-eddf8230151-FRA
last-modified: Sun, 19 May 2024 09:29:46 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 visa.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 5 KB
6 KB 31ms
20ms Image
image/png 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/visa.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b8c0f4596d7df31c353812fe085c2ce3c382de9308ac9cc19b829d325b771438

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 00:35:45 GMT
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 15018950
x-cache: Hit from cloudfront
content-length: 5167
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702427745&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=yi13LSZchGR%2FPYSibqF6ixsTM4eld4FiDicB6l1sa7o%3D
last-modified: Sun, 10 Dec 2023 16:40:40 GMT
server: Apache
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702427745&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=yi13LSZchGR%2FPYSibqF6ixsTM4eld4FiDicB6l1sa7o%3D"}]}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: N-i1yUeCsahHW2TJh062fOFbVfZQV3atrineIGTrCpsDdtQJLA_5CQ==
expires: Thu, 12 Dec 2024 00:35:45 GMT

GET
H2 200 mastercard.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 6 KB
7 KB 34ms
23ms Image
image/png 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/mastercard.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: fcafd6c7d915605ce4321ae53fd667d07b3c82f8fd3a0f5072f056cd2d143725

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 06:42:55 GMT
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 3851320
x-cache: Hit from cloudfront
content-length: 6281
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713595375&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=C7Mw3x4AelSOVfQ05IuAWn9mZHaOBFO219Towk3dhPQ%3D
last-modified: Fri, 19 Apr 2024 12:51:59 GMT
server: Apache
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713595375&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=C7Mw3x4AelSOVfQ05IuAWn9mZHaOBFO219Towk3dhPQ%3D"}]}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 22NL6oEFevtjieYHCovIVQZRnxZ0JtVVr8kAGQX9wL4qvGc71QE4ow==
expires: Sun, 20 Apr 2025 06:42:55 GMT

GET
H2 200 maestro.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 7 KB
7 KB 34ms
23ms Image
image/png 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/maestro.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3e88d35a3f38898064c176ff351e3ee4c7d22ab4ca2f52d44a9ef615c4364d5c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 17:29:07 GMT
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 5454148
x-cache: Hit from cloudfront
content-length: 6675
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711992547&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=p0wf2f1qXxhbHWHwPw8I6XnKwPZwnthYcyzcCV42YNY%3D
last-modified: Thu, 28 Mar 2024 20:20:35 GMT
server: Apache
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711992547&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=p0wf2f1qXxhbHWHwPw8I6XnKwPZwnthYcyzcCV42YNY%3D"}]}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4wC7TqjnIhCGqW-53fazc8VKiXwbJFaYD4fyeVq0FWW-Mwo1EsSRNg==
expires: Tue, 01 Apr 2025 17:29:07 GMT

GET
H2 200 discover.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 6 KB
6 KB 33ms
24ms Image
image/png 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/discover.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 2f688cf86928876c5a0bfdb1803055d354c507d6801be11bc161c8fc37335c08

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 14 Sep 2023 21:15:18 GMT
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Tue, 12 Sep 2023 09:08:00 GMT
server: Apache
x-amz-cf-pop: MUC50-P2
age: 22720577
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5742
x-amz-cf-id: xtl3xSeDtFNnMYAhygCc8yMWiHXXq-_1rahkE1ZLBXZyAcoWPgLHeA==
expires: Fri, 13 Sep 2024 21:15:18 GMT

GET
H2 200 paypal.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 5 KB
6 KB 34ms
25ms Image
image/png 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/paypal.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 9e100c09698f359a32a2f2ff853de2ecfe1cbffdf0fa6bf666a17f5d8537e25d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Jan 2024 15:11:04 GMT
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 11337631
x-cache: Hit from cloudfront
content-length: 5170
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706109064&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ymyciN%2BqUp8y6iGGr4fYamFYxhD1Xah9v17pOBBlLnI%3D
last-modified: Tue, 23 Jan 2024 18:54:15 GMT
server: Apache
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706109064&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ymyciN%2BqUp8y6iGGr4fYamFYxhD1Xah9v17pOBBlLnI%3D"}]}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UiTJXLtc5PNiiAKc6v_H5uo7uCLys67FTOiUKaUNPZdA5eXsSjS-fw==
expires: Thu, 23 Jan 2025 15:11:04 GMT

GET
H2 200 leaf.png
d3j4c7e2o820k1.cloudfront.net/assets/img/ 811 B
2 KB 54ms
46ms Image
image/png 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/leaf.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 03cc400198270084c3467816d74dfd6a71d858275fc20229d75b1dc852d45c9d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 23:36:12 GMT
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 680122
x-cache: Hit from cloudfront
content-length: 811
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716766572&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=TRkSf0jhsQzbkGgwlKfhCT4QWidr2Ol5BQgejoYT8h8%3D
last-modified: Mon, 20 May 2024 09:07:38 GMT
server: Apache
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716766572&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=TRkSf0jhsQzbkGgwlKfhCT4QWidr2Ol5BQgejoYT8h8%3D"}]}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KTbV2JDzvHZn7NsxaTGVmP6dabmQjMz0uuKBjPiJXC5PVnok9qpEWA==
expires: Mon, 26 May 2025 23:36:12 GMT

GET
H2 200 155db98-c90ce09.js Show response
d3j4c7e2o820k1.cloudfront.net/js/ 142 KB
26 KB 71ms
34ms Script
text/javascript 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j4c7e2o820k1.cloudfront.net/js/155db98-c90ce09.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3e6e05033bb8d6addc3661ec3f346a2c9ce96963541152c4d46eebdcb8a6679e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:29:55 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 7300
x-cache: Hit from cloudfront
content-length: 25405
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717439395&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=KZX1Wt%2FLjP%2FXpuiVIyEDsFd6%2F69EW87TqtR2AP4fq7U%3D
last-modified: Mon, 03 Jun 2024 18:25:37 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717439395&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=KZX1Wt%2FLjP%2FXpuiVIyEDsFd6%2F69EW87TqtR2AP4fq7U%3D"}]}
content-type: text/javascript
access-control-allow-origin: https://www.underluckystars.com
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: OaVhNTUbJnx-uTj1ox6PF_UFCa48uxd-hizjHzONsNBQ83UOHYrjNg==
expires: Wed, 03 Jul 2024 18:29:55 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.24.2/ 58 KB
18 KB 48ms
17ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8d96f2bab569289ddb4165a758e624413d4e95ff2fcf8fcff3f400adab0c18ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 18 Sep 2020 14:04:23 GMT
server: Fastly
age: 2970404
etag: "3584b4e15b0a7cd0400471e218176e49"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18040
expires: Thu, 26 Sep 2024 07:30:08 GMT

GET
H2 200 f677160-6027d3f.js Show response
d3j4c7e2o820k1.cloudfront.net/js/ 493 KB
121 KB 30ms
30ms Script
text/javascript 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j4c7e2o820k1.cloudfront.net/js/f677160-6027d3f.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5a154a476bd16508d915b7554dd38dac9871c698e572663aa907d099baaf4c08

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:53:15 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 5900
x-cache: Hit from cloudfront
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717440795&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6be9Af7XvFZR3rxhk%2BKS4IR%2Fu3rV1Zr%2FqyP5qeY6rT4%3D
last-modified: Mon, 03 Jun 2024 18:25:37 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717440795&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6be9Af7XvFZR3rxhk%2BKS4IR%2Fu3rV1Zr%2FqyP5qeY6rT4%3D"}]}
content-type: text/javascript
access-control-allow-origin: https://www.underluckystars.com
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: tv2aH5QE1ht9ZZkUQb8tQmyRYKy5R7_LNGL6fkkWwoO4D_nf71YmOA==
expires: Wed, 03 Jul 2024 18:53:15 GMT

GET
H2 200 lwgnlz24zi Show response
www.clarity.ms/tag/ 637 B
1002 B 190ms
125ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/lwgnlz24zi
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 471d7117ddc6740c2ee7df66d93620e1e9ccde7163913c1dd7e6a061d5b5aaaa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 03 Jun 2024 20:31:35 GMT
x-azure-ref: 20240603T203135Z-16577d9575dv7vz83gcwqt5n5w00000000z000000000btq1
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 101ms
89ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-867529107&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-WD5DG8M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de18b6da10ed146bdac239115c7a7f330e6c1ab02859f09f2e731cd1601d4072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84629
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 19:30:05 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jun 2024 20:31:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
104 KB 144ms
132ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LSBK82Y0LK&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-WD5DG8M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6701f46d4b264ed12b3471e5f88dd6b7b1fd12c3e7d7847136eef2cf9664f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106665
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Jun 2024 20:31:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 35ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Jun 2024 20:31:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1368, tbw=2802, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: kk7RzrMt/C5kNrsJe2ILmFDhRCFU+eu6D6YnJiIF+WbWkYTjUQKv0Sn4n5q1ffl6kvs0vaj/Kuc18HUCR8eLvA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 201
Created track-fb-pv Show response
www.underluckystars.com/en/ 2 B
1 KB 1533ms
1521ms XHR
text/html 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/track-fb-pv
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCzFaUFBQaJmOvMOC

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446695&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sJJbMEw26vNRMKpgiM9LF6YBPrbqZl0m8RPoYYwSz%2F4%3D"}]}
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com, https://www.underluckystars.com
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, must-revalidate, private
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: origin, content-type
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446695&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sJJbMEw26vNRMKpgiM9LF6YBPrbqZl0m8RPoYYwSz%2F4%3D
Expires: Mon, 03 Jun 2024 20:31:36 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 36ms
9ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 22 May 2024 17:01:28 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12104

GET
H2 200 scevent.min.js Show response
sc-static.net/ 45 KB
20 KB 155ms
42ms Script
application/javascript 108.138.40.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.243 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-243.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: c32b39ed9a5e80836d347d294589fe1763b5e01cd98bd1baf70c7fb8acb339c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19625
x-amz-cf-id: aVqJtYD4LueVhuY2R_eYa4Ntb8bbujxXZwfPCjsnZK0BaA_JLTuRAg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 252ms
139ms Script
application/javascript 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVRL17JP3MGBRD7S1DR0&lib=ttq
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cdc70890e61dda3b7391c92c0576cd0b04cf636d5dd66d4ac2bc350e6aed8068

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: dfdc629f.3df87437
date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406032031355F03F546A26A593D3F77-771C61C2DEC5AD5A-00
x-cache: TCP_MISS from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 106,95.100.146.5
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=8, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202406032031355F03F546A26A593D3F77
x-cache-remote: TCP_MISS from a23-48-200-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.48.200.209
x-tt-trace-host: 01509ecbe5eeb28ba05730fcb649ea70b812ebcd0e68594e10a0e0454d1156b6f3c9bd9f3bb277b88f0b285b42b19dcd0c173f8b83fda03906e199236dc13ed49b2e0bc556b9c33d0d9a4b0e8fce314ef624ee078c9390334336ac3f4485345f44a634ecb26087a973a293c925e9b753dc
expires: Mon, 03 Jun 2024 20:31:35 GMT

POST
H/1.1 201
Created track-tt-pv Show response
www.underluckystars.com/en/ 2 B
1 KB 1610ms
1315ms XHR
text/html 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/track-tt-pv
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryr9IPbWbxPIMMozFJ

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446695&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sJJbMEw26vNRMKpgiM9LF6YBPrbqZl0m8RPoYYwSz%2F4%3D"}]}
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com, https://www.underluckystars.com
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, must-revalidate, private
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: origin, content-type
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446695&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sJJbMEw26vNRMKpgiM9LF6YBPrbqZl0m8RPoYYwSz%2F4%3D
Expires: Mon, 03 Jun 2024 20:31:36 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 148ms
34ms Script
application/javascript 2a02:26f0:e300:298::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:298::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1881

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 83ms
3ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220048-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 109ms
42ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 03 Jun 2024 20:31:34 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1BB99F7DE984F229971CF8F9DE36DB3 Ref B: FRAEDGE1313 Ref C: 2024-06-03T20:31:35Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H3 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 138ms
83ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
x-amz-version-id: jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: M04HPBTPY5GDBBF5
age: 5799470
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ=
last-modified: Thu, 28 Mar 2024 17:33:19 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:87b5ecaafd0e88097cbbb1bbb7695fe9
etag: W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 88e27296c8c191fc-FRA
expires: Tue, 04 Jun 2024 00:31:35 GMT

GET
H2 200 bfe8fef2-4e8a-4580-844b-7f1ffbe4ee02-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 2 KB
2 KB 158ms
13ms Script
application/javascript 2600:9000:20ae:1c00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/bfe8fef2-4e8a-4580-844b-7f1ffbe4ee02-latest.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:1c00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a2c2f8fa2b73becd3760ed3927192ed8ea6b52fc0c933fd873716468b0265f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:22:27 GMT
x-amz-version-id: Gma12rsSejGS_pd4wW2a271ZPQdV8RIV
via: 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2024 18:12:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
age: 7749
etag: "16c2c49f5873be3d698534921b4883c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1614
x-amz-cf-id: Cto_KMGgwltC4PiJ6MEDx1WfnwdnDeaptnPP8iWwgftL9g9zhh6vKA==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5ec4d95771b2da24efd9bf6c18b3ba988e4332c03adc3812d4325fd96a7c6f1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping-cart.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 2 KB
2 KB 32ms
26ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/shopping-cart.svg
Requested by: Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/css/454a62b-3f8b17e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f74526b298c1f5e28e5325690068efea77223ec2090bc1a9a6ae75a5b84e99fd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d3j4c7e2o820k1.cloudfront.net/css/454a62b-3f8b17e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 22:40:57 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 5608238
x-cache: Hit from cloudfront
content-length: 848
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711838457&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=rENL5tlG9x%2FIcVN4lamlGr5A9tPxbZJd9Z4UwEv9eV8%3D
last-modified: Thu, 28 Mar 2024 20:20:36 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711838457&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=rENL5tlG9x%2FIcVN4lamlGr5A9tPxbZJd9Z4UwEv9eV8%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZOb9B_-jFb1Nb1lq8gNK07NZmHnBJny8EAQbo5eQuL8urcM2kk_Nhg==
expires: Sun, 30 Mar 2025 22:40:57 GMT

GET
H2 200 close-icon.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 1019 B
1 KB 51ms
45ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/close-icon.svg
Requested by: Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/css/1f6c243-278522f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4093e24113dcc170051435db8382c56963f43b509e67230091722743ec481ed3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d3j4c7e2o820k1.cloudfront.net/css/1f6c243-278522f.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 10 Dec 2023 17:22:00 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 15217775
x-cache: Hit from cloudfront
content-length: 460
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702228920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=AlY8MrXkanrNYaYrQ5WJ9KmW63UVmMnWB0MHG6yFhcg%3D
last-modified: Sun, 10 Dec 2023 16:40:40 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702228920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=AlY8MrXkanrNYaYrQ5WJ9KmW63UVmMnWB0MHG6yFhcg%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ARQlDsasqlZqp4Nz-QBD--1_vJCVJ6G4tsNJPKmBkD5911rEegLUGA==
expires: Mon, 09 Dec 2024 17:22:00 GMT

GET
H2 200 carousel-left.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 1 KB
1 KB 33ms
27ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/carousel-left.svg
Requested by: Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/css/1f6c243-278522f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 1b832fc2f9633808df95e0de59c1f8cdad327b4caabdf527988ea3a9f11c49f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d3j4c7e2o820k1.cloudfront.net/css/1f6c243-278522f.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:29:18 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 1166537
x-cache: Hit from cloudfront
content-length: 680
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716280158&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=gCenAIBZlLeaa18Ds80YvnAONe5Jt6Fqg%2BAvU8PAt%2BA%3D
last-modified: Mon, 20 May 2024 09:07:37 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716280158&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=gCenAIBZlLeaa18Ds80YvnAONe5Jt6Fqg%2BAvU8PAt%2BA%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EVuBbnmaYg6efhDOcjJBwZf3FdiFBzvJfvvlbFQAYWLtfWXv_UZ0hg==
expires: Wed, 21 May 2025 08:29:18 GMT

GET
H2 200 carousel-right.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 1 KB
1 KB 50ms
44ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/carousel-right.svg
Requested by: Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/css/1f6c243-278522f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 7c7c771d8f783ef1c885bc47d31698f2d4dd34f6653d5042c1248b7e21ccdc54

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d3j4c7e2o820k1.cloudfront.net/css/1f6c243-278522f.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 15:17:36 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 1314839
x-cache: Hit from cloudfront
content-length: 629
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716131856&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=8RVJOhbb0uzVIPVi4btxUAngbHOLocbpfhlI3ALExK4%3D
last-modified: Fri, 17 May 2024 06:48:24 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716131856&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=8RVJOhbb0uzVIPVi4btxUAngbHOLocbpfhlI3ALExK4%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FK3H1tV0yQ-u6RPIWWpv3_wKolX8FUJvcPS1LqCQ74x9TuAD_ms4dQ==
expires: Mon, 19 May 2025 15:17:36 GMT

GET
DATA 200
OK truncated
/ 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9784df5d9fc8a2092d96c3fe651e8aa359acaefa6a84607e0fd0f5d09a3bf305

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 156ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Roboto:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 08:44:47 GMT
x-content-type-options: nosniff
age: 215208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Jun 2025 08:44:47 GMT

GET
H2 200 header-background.png
d3j4c7e2o820k1.cloudfront.net/assets/img/ 101 B
870 B 38ms
37ms Image
image/png 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/header-background.png
Requested by: Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/css/454a62b-3f8b17e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: bcfd25dd4e8aa4c4f264d115071e7f09a474684186f8b97fea39df46ca31f349

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d3j4c7e2o820k1.cloudfront.net/css/454a62b-3f8b17e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 21:20:53 GMT
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 169842
x-cache: Hit from cloudfront
content-length: 101
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717276853&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=RRcYWjH9o70LRC%2BBmEYQKGLMV63BTcagJIJrbjV6nJk%3D
last-modified: Thu, 30 May 2024 19:42:44 GMT
server: Apache
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717276853&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=RRcYWjH9o70LRC%2BBmEYQKGLMV63BTcagJIJrbjV6nJk%3D"}]}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yNXG0Spsrw0YN4Vd48-hH8s4HNj9X8eIh1pc1F4VzN6vfewjXbbQvA==
expires: Sun, 01 Jun 2025 21:20:53 GMT

GET
H2 200 48dae3ea-88cb-449c-81b8-510b17935db0-e923a273-66fb-488e-a184-2557ddca7e8b.frame.jpg
dv1tfaz68u60v.cloudfront.net/renders/ 234 KB
235 KB 256ms
109ms Image
image/png 2600:9000:237d:e000:d:40c2:7fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dv1tfaz68u60v.cloudfront.net/renders/48dae3ea-88cb-449c-81b8-510b17935db0-e923a273-66fb-488e-a184-2557ddca7e8b.frame.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:e000:d:40c2:7fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 044b30a80167aa4263caae12b20ab3fbb2cd08f79bf1e2727a7aaa7fbda66b77

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
via: 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Tue, 25 Jun 2024 00:00:00 GMT", rule-id="renders expiration"
last-modified: Mon, 03 Jun 2024 19:05:37 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "5ce267525d65e9ebc56d77de5d0da869"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=86400
content-length: 240118
x-amz-cf-id: ULaKPzgNsTp8I5vcxRRpR8pD6Hoxp_BQaaOd07fbetkREO6vAI80GA==

POST
H/1.1 201
Created 56103c21-6f7e-422a-936d-9db19ab864d4 Show response
www.underluckystars.com/en/track-fb-ic/ 2 B
1 KB 2750ms
2504ms XHR
text/html 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/track-fb-ic/56103c21-6f7e-422a-936d-9db19ab864d4
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:38 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446695&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sJJbMEw26vNRMKpgiM9LF6YBPrbqZl0m8RPoYYwSz%2F4%3D"}]}
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com, https://www.underluckystars.com
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, must-revalidate, private
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: origin, content-type
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446695&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sJJbMEw26vNRMKpgiM9LF6YBPrbqZl0m8RPoYYwSz%2F4%3D
Expires: Mon, 03 Jun 2024 20:31:38 GMT

GET
H2 200 logo-new-trademark@2x.png
d3j4c7e2o820k1.cloudfront.net/assets/img/ 3 KB
3 KB 73ms
29ms Image
image/png 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/logo-new-trademark@2x.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ca2a24f055cfc558e9c6602c18c73c46f490a706f94a4d86aea09e4232fe6a3c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Sep 2023 21:39:34 GMT
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 17:15:22 GMT
server: Apache
x-amz-cf-pop: MUC50-P2
age: 21336721
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3026
x-amz-cf-id: LBg5xHOvYml2BnozbeNm0drkh044bWchECNX2J3exjxj5b1Wa7kAHA==
expires: Sun, 29 Sep 2024 21:39:34 GMT

GET
H2 200 it-flag.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/ 273 B
985 B 72ms
30ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/it-flag.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: c939e50605c5a08df1aaf19818f74d2919a9d3c3b7aa7cd90520b8bfc9c5dddc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 02:19:51 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 14407904
x-cache: Hit from cloudfront
content-length: 183
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703038791&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2BK7Mqy%2B12nlmsuMSv%2Fq9aeIji5ed44pusFvpKn8cp60%3D
last-modified: Tue, 19 Dec 2023 12:18:28 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703038791&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2BK7Mqy%2B12nlmsuMSv%2Fq9aeIji5ed44pusFvpKn8cp60%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GPFznqm1Rwq9A79NKB5KT3hCDutG1zoC-M-D6Z2AtPWbFS3KJKx8UQ==
expires: Thu, 19 Dec 2024 02:19:51 GMT

GET
H2 200 jp-flag.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/ 209 B
975 B 71ms
31ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/jp-flag.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 35e785339e19d1ec1987cb9c3d8e66fc97f29a287db0b0b590b8dfdd96d4766b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 12:41:17 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 17308218
x-cache: Hit from cloudfront
content-length: 174
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700138477&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=77RudyxUQL7d6LYcdBLS9AzdyCCLpj%2FeJs6GJ1STKwU%3D
last-modified: Wed, 15 Nov 2023 07:31:31 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700138477&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=77RudyxUQL7d6LYcdBLS9AzdyCCLpj%2FeJs6GJ1STKwU%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5susQH_toP5EwjqhYWLlswot6sxEqRAA22PwRQ04XIm_Wu2bBQXpEQ==
expires: Fri, 15 Nov 2024 12:41:17 GMT

GET
H2 200 hu-flag.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/ 223 B
549 B 69ms
32ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/hu-flag.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6272390e4cf506663280e959d86aa790e7b4127fab1531767fc1d272e6aa05b4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jul 2023 05:21:45 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jul 2023 21:10:10 GMT
server: Apache
x-amz-cf-pop: MUC50-P2
age: 27097790
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 149
x-amz-cf-id: YzAZ_NPjE-vbtcG9R61UIs6ckWOspe5RZQm3AoM_Enth7mmyQT_CNg==
expires: Thu, 25 Jul 2024 05:21:45 GMT

GET
H2 200 fr-flag.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/ 249 B
562 B 69ms
32ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/fr-flag.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 241dac7da9d2782f58c2ffdc05090ac486b49cde149c879675d189dee66aedf6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 04 Oct 2023 22:09:54 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 16:55:04 GMT
server: Apache
x-amz-cf-pop: MUC50-P2
age: 20989301
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 161
x-amz-cf-id: 4WU5MT8zzZVnULjWX63vraQBZSnSi8A7GHVYQs9JjmDIgTRt6RN1Hg==
expires: Thu, 03 Oct 2024 22:09:54 GMT

GET
H2 200 es-flag.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/ 59 KB
20 KB 70ms
33ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/es-flag.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: db0e71fc3bae2429414ed7399d6237050e97f77a45cc82f03d2d13120b5f50c1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 22:40:58 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 5608237
x-cache: Hit from cloudfront
content-length: 19402
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711838458&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=od4NQYoDDxFtecliTmMx2uHDGOIPv%2FhYEUydvIwbCng%3D
last-modified: Thu, 28 Mar 2024 20:20:36 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711838458&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=od4NQYoDDxFtecliTmMx2uHDGOIPv%2FhYEUydvIwbCng%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2_0cYGM6qBFpwCZXRyKIgza42tA2iTSeJs4zIXGGEPbre7iJT-sw5Q==
expires: Sun, 30 Mar 2025 22:40:58 GMT

GET
H2 200 pt-flag.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/ 13 KB
7 KB 59ms
34ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/pt-flag.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: c63cbe703a180854b5e8bb01c286a11a9a2527a397a25f07fd583651cab6a62c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 22:40:58 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P2
age: 5608237
x-cache: Hit from cloudfront
content-length: 5918
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711838458&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=od4NQYoDDxFtecliTmMx2uHDGOIPv%2FhYEUydvIwbCng%3D
last-modified: Thu, 28 Mar 2024 20:20:36 GMT
server: Apache
vary: Accept-Encoding,Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711838458&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=od4NQYoDDxFtecliTmMx2uHDGOIPv%2FhYEUydvIwbCng%3D"}]}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wqX9CpbfnbSDOzuug_ssXHqgJ6amEP_94l7SAiUfw5U0-e09DKQE7A==
expires: Sun, 30 Mar 2025 22:40:58 GMT

GET
H2 200 de-flag.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/ 502 B
711 B 60ms
36ms Image
image/svg+xml 2600:9000:237d:ca00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/newLanding/de-flag.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ca00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 44a4580e94ae11037b8983e43e37a220e72f884217dba5b33a94309db2dcd88b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 13 Oct 2023 08:15:28 GMT
content-encoding: gzip
via: 1.1 vegur, 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Fri, 13 Oct 2023 07:18:42 GMT
server: Apache
x-amz-cf-pop: MUC50-P2
age: 20261767
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 310
x-amz-cf-id: pwHcP_y3Iw4xV7vVq6J4D_Sfb8DwZD6qwQkktpqHEWcIhtRYuI27tA==
expires: Sat, 12 Oct 2024 08:15:28 GMT

POST
H/1.1 201
Created 56103c21-6f7e-422a-936d-9db19ab864d4 Show response
www.underluckystars.com/en/track-tt-ic/ 2 B
1 KB 1539ms
1317ms XHR
text/html 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/track-tt-ic/56103c21-6f7e-422a-936d-9db19ab864d4
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446695&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sJJbMEw26vNRMKpgiM9LF6YBPrbqZl0m8RPoYYwSz%2F4%3D"}]}
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com, https://www.underluckystars.com
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, must-revalidate, private
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: origin, content-type
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446695&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=sJJbMEw26vNRMKpgiM9LF6YBPrbqZl0m8RPoYYwSz%2F4%3D
Expires: Mon, 03 Jun 2024 20:31:36 GMT

POST
H2 200 graphql Show response
payments.braintree-api.com/ 2 KB
2 KB 396ms
295ms XHR
application/json 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

6cbc7a1c3f807864a75777bc2ce45b2ddf3c7e449202baf5eb6d52043ff421b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MTc1MzMwOTQsImp0aSI6ImY4NjVkY2JhLTAyNjgtNGE0NS04YjJlLThhODU2ZTQzNzNmYiIsInN1YiI6Inh3ejY4bjNtazlkZHBzeHkiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Inh3ejY4bjNtazlkZHBzeHkiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnsibWVyY2hhbnRfYWNjb3VudF9pZCI6InVuZGVybHVja3lzdGFyc1VTRCJ9fQ.0lLXn0mdvkd9lnU5gHHFYdXOhtasRPnS0gxsUw6KOdkANSe2GtduieOxeOAPgz3LJSQOmrs5QZ9J99v3MEi7sg
Braintree-Version: 2018-05-10
Content-Type: application/json
Referer: https://www.underluckystars.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://www.underluckystars.com
paypal-debug-id: a9cde18f06994
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 1205

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 587E
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

10 KB
5 KB

84ms
46ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
x-amz-version-id: KdUtYfTvhN3NWk63zbedRawrUoa4O1MG
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PZERAEDAFZ9SYDTC
age: 21
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tr/so4/RjvATt57vT5wh/Tz8DnV+qeKn9kxsgChY1AajmU8f2RwhpxcTMLctipwAH7PwDn9UhU4=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZD9ScbAAtXwB8xlWbORlFEWM%2BpNaDnJuSlZ3Mc7HM4H8OUyAIEXYE8Bw%2BoC7uva3RwjvpCbmEBxpSm%2FW%2BqftqtroUnXJGj6fle%2FDqqkqoywDs05yzCtJ8doNFdR4iBUZDkHdAMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 88e27298b9332c75-FRA
access-control-allow-headers: *

Redirect headers

date: Mon, 03 Jun 2024 20:31:35 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0p0qmKCjKu7RBrbd21zNUiidm1%2BK2cfZY1fcWnHKZ7PL8aSnBkP8GLJsI%2FdHPj0HlEfBF1H%2BlWRhAfItlUBVYjtivxdF1FeDoet24gLB9AS3a0gL45IiuNlmLUT%2FwM9zQeyasw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=3600
cf-ray: 88e2729758c818b7-FRA
content-length: 167
expires: Mon, 03 Jun 2024 21:31:35 GMT

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 97ms
13ms Preflight 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.underluckystars.com
access-control-max-age: 1800
date: Mon, 03 Jun 2024 20:31:35 GMT
paypal-debug-id: 6c1ecd81e5514
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_1ico7y9c/ 3 B
124 B 498ms
421ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_1ico7y9c/config
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_1ico7y9c_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 45ms
1ms XHR
application/json 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_1ico7y9c_telemetry
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 141ms
9ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1717446695359&id=t2_1ico7y9c&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=1ebbc6fe-a6b5-455a-b100-a40677aedbe7&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
75 B 121ms
10ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1717446695360&id=t2_1ico7y9c&event=AddToWishlist&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=1ebbc6fe-a6b5-455a-b100-a40677aedbe7&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 782857011853426 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 166ms
157ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/782857011853426?v=2.9.157&r=stable&domain=www.underluckystars.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ce9ec8c61b5972b8352a61a2018a9e9697e361f29881501687ae84936144237

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Jun 2024 20:31:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=48, mss=1368, tbw=63513, tp=-1, tpl=-1, uplat=135, ullat=0
pragma: public
x-fb-debug: fvi159NgiM/fTUl+e93dNIclJQEBgviuJe7p7mFGcLjZ7ftPMqNcNHhF76HU4a/G0/amw60+uQoGlA+TdPptNg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 74ms
11ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lwgnlz24zi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240603T203135Z-16577d9575dv7vz83gcwqt5n5w00000000z000000000btqk
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6c728f9f-801e-0015-2192-b53968000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 main.2bdc3040.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 86ms
23ms Script
application/javascript 2a02:26f0:e300:298::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:298::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19942

GET
H2 200 eda2b568-c489-4298-9afc-850b0d216edd.js Show response
tr.snapchat.com/config/com/ 184 B
468 B 233ms
117ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/eda2b568-c489-4298-9afc-850b0d216edd.js?v=3.18.0-2405302111

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

b562a50593e22cbd09d4302218ade462eb44bbc2f34dc88298405fbf741ab1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.underluckystars.com
x-envoy-upstream-service-time: 94
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184

GET
H2 200 i
tr.snapchat.com/cm/ Frame F201 0
0 103ms
21ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=eda2b568-c489-4298-9afc-850b0d216edd&u_scsid=dcfb9603-cc03-4cbb-9f83-1e551639f31d&u_sclid=795fea87-599c-49d7-91ba-9b6dcea83a32

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 03 Jun 2024 20:31:35 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/867529107/ 3 KB
2 KB 118ms
53ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/867529107/?random=1717446695571&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&label=k6PTCJTUzOwBEJPj1Z0D&hn=www.googleadservices.com&frm=0&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&gtm_ee=1&npa=1&pscdl=noapi&auid=367297318.1717446696&fdr=SA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-867529107&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8433f341d13e5f67101f7ca3b0ec8dc67d0cd64d734d4d797c5131ad2a7b86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1642
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
250 B 254ms
211ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d1e1d3fe-0871-4539-ba9b-c5f772cad597&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=247f673a-59fc-42b5-96ef-3a8cce0b4bf0&tw_document_href=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3hl0&type=javascript&version=2.3.30

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 180
date: Mon, 03 Jun 2024 20:31:35 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 45314ad0c445d981
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: b118f2e2c58339edfa8380067a68e98d990a11d0b51282371c1d52891aa03c95
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 153ms
111ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d1e1d3fe-0871-4539-ba9b-c5f772cad597&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=247f673a-59fc-42b5-96ef-3a8cce0b4bf0&tw_document_href=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3hl0&type=javascript&version=2.3.30

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 103
date: Mon, 03 Jun 2024 20:31:34 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e215c0799dd1802d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 448d034d9bf93a752d48d0bfd8c7ae1d35ce019c976460bd00b0ba923ad6bd35
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
377 B 161ms
118ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=35a6d4be-71f0-40be-924c-f68e32c5eeaf&events=%5B%5B%22initiatecheckout%22%2C%7B%22value%22%3A76%2C%22currency%22%3A%22USD%22%2C%22num_items%22%3A%221%22%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=247f673a-59fc-42b5-96ef-3a8cce0b4bf0&tw_document_href=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&tw_iframe_status=0&tw_order_quantity=1&tw_sale_amount=76&txn_id=o3hl0&type=javascript&version=2.3.30

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 103
date: Mon, 03 Jun 2024 20:31:34 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 979a68dc4cc3e991
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 3981d435b44c7efb5f9c557b12d68c4b187a0974e968730895d3390f770da76e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
238 B 255ms
214ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=35a6d4be-71f0-40be-924c-f68e32c5eeaf&events=%5B%5B%22initiatecheckout%22%2C%7B%22value%22%3A76%2C%22currency%22%3A%22USD%22%2C%22num_items%22%3A%221%22%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=247f673a-59fc-42b5-96ef-3a8cce0b4bf0&tw_document_href=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&tw_iframe_status=0&tw_order_quantity=1&tw_sale_amount=76&txn_id=o3hl0&type=javascript&version=2.3.30

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 192
date: Mon, 03 Jun 2024 20:31:35 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e918e87b7eeb9b16
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 448d034d9bf93a752d48d0bfd8c7ae1d35ce019c976460bd00b0ba923ad6bd35
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
273 B 164ms
122ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=3&eci=4&email_address=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&event=%7B%22value%22%3A76%2C%22currency%22%3A%22USD%22%7D&event_id=0a27265f-e2ee-484c-9bef-9368fb6a4ab9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=247f673a-59fc-42b5-96ef-3a8cce0b4bf0&tw_document_href=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&tw_iframe_status=0&txn_id=tw-o3hl0-ocr5z&type=javascript&version=2.3.30

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 109
date: Mon, 03 Jun 2024 20:31:35 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a1c94219e5db4a21
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 681966da8f251332a53531a2d9632ea0ae533a6968c1f40a4d11fdc6a398f49b
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 151ms
110ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=3&eci=4&email_address=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&event=%7B%22value%22%3A76%2C%22currency%22%3A%22USD%22%7D&event_id=0a27265f-e2ee-484c-9bef-9368fb6a4ab9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=247f673a-59fc-42b5-96ef-3a8cce0b4bf0&tw_document_href=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&tw_iframe_status=0&txn_id=tw-o3hl0-ocr5z&type=javascript&version=2.3.30

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 102
date: Mon, 03 Jun 2024 20:31:34 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e94f7b7271b783f1
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 448d034d9bf93a752d48d0bfd8c7ae1d35ce019c976460bd00b0ba923ad6bd35
content-length: 43

GET
H2 204 17356527.js Show response
bat.bing.com/p/action/ 0
116 B 30ms
30ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17356527.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 03 Jun 2024 20:31:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D986A37DA98D45C39EA226F470CEBA01 Ref B: FRAEDGE1313 Ref C: 2024-06-03T20:31:35Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 64ms
63ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17356527&Ver=2&mid=a6cd3188-159a-409c-ba8b-ab50a1046a86&sid=45b1ce7021e811ef9465f3f24905782d&vid=45b45d3021e811efb6db093d50c3cbb6&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&p=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&r=&lt=4463&evt=pageLoad&sv=1&rn=349425

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 20:31:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA8915BF9BD14F97A1F171D451EE114C Ref B: FRAEDGE1313 Ref C: 2024-06-03T20:31:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 101ms
0ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LSBK82Y0LK&gtm=45je45t0v881670038za200&_p=1717446695085&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1167730064.1717446696&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dp=payment-form&sid=1717446695&sct=1&seg=0&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&dt=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=4898
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LSBK82Y0LK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.underluckystars.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 102ms
0ms Ping
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LSBK82Y0LK&cid=1167730064.1717446696&gtm=45je45t0v881670038za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LSBK82Y0LK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.underluckystars.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 139ms
60ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LSBK82Y0LK&cid=1167730064.1717446696&gtm=45je45t0v881670038za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1884423562

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p
tr.snapchat.com/ 0
15 B 69ms
43ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 Jun 2024 20:31:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.underluckystars.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 main.MWY1ZWZmZjM0MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 349 KB
101 KB 49ms
44ms Script
application/javascript 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVRL17JP3MGBRD7S1DR0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f8e5173a0d9b9ff339e68c10a49f0f4bdf70ef7a86dcbd1231ea1393231e56f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 3df87d17
date: Mon, 03 Jun 2024 20:31:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024053013061148202CAA8BC48F79BE5D
x-tt-trace-id: 00-24053013061148202CAA8BC48F79BE5D-2FF9D72F62AF3C28-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012c721c6e7b4ce8556793be796a941d0d44f958210a4f84245bcc506962aaedb9a62dda9743dc0f789d5477c7497766cf4a889a98184e4b0d3984a11c0e528ff781a481903203ea7bcc2aa27ad9c41289d60200d9c3a09cacdce5c583621fa8e6
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 103099

GET
H3 200 788297019927737 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 166ms
152ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/788297019927737?v=2.9.157&r=stable&domain=www.underluckystars.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

34a4addd7d0f6eb7755797b2d2b80e26f88d4a57572d3aa8275b1b4641c87664

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4442, tp=11, tpl=0, uplat=140, ullat=0
pragma: public
x-fb-debug: B9KISdHFUlg25sc+lM7OngDSNhxueVgNCd/uBwsTcWe1ehH+mBHEubrx1Qy5ZeNES78nPSucBBrr7j5xN796WA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
425 B 131ms
51ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612474376513&pd=%7B%22em%22%3A%226e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3%22%7D&cb=1717446695920&dep=2%2CPAGE_LOAD
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1573104962649573
content-length: 186
pin-unauth: dWlkPU9UQTNNelZpTkdFdE9ESXdOaTAwWm1Oa0xXSXpNV1F0T1RkbFpEWXdObVJpWW1NMw
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 0acf2821fed5456b690322e537fbd16e9a4bf075
epik: dj0yJnU9RC12ZFowazJYa244bUIyZnB0Z2dTbkFWamFUUmdET1Ymbj1saVRUbVNMNTNzZjRyTlAtYThiYVd3Jm09NCZ0PUFBQUFBR1plS0NnJnJtPTQmcnQ9QUFBQUFHWmVLQ2cmc3A9Mg
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
304 B 122ms
42ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&tid=2612474376513&cb=1717446695921&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1822467318189430
content-length: 186
pin-unauth: dWlkPU5HWXlNalE0TjJJdE0yUXlOeTAwWVRnNUxUaGpZVFF0TUdWaVpHWmtPV0U0WWpkbQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 0acf2821fed5456b690322e537fbd16e9a4bf075
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
637 B 120ms
41ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=addtocart&ed=%7B%22order_id%22%3A%2256103c21-6f7e-422a-936d-9db19ab864d4%22%2C%22value%22%3A76%2C%22currency%22%3A%22USD%22%2C%22event_id%22%3A%22a09fbea9-b419-4c0f-8cd6-09eda9198b81%22%7D&tid=2612474376513&cb=1717446695922&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1588397596754488
content-length: 186
pin-unauth: dWlkPVpHVmxNemRrWmpJdE1XVm1OUzAwT0dFNExUaGhZemd0WVRGbU5qY3daVEUwWVRneQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 0acf2821fed5456b690322e537fbd16e9a4bf075
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 404
Not Found 1
www.underluckystars.com/en/pay/ 11 KB
12 KB 2159ms
1936ms Other
text/html 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/pay/1
Requested by: Host: a.quora.com
URL: https://a.quora.com/qevents.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a825037288b9aa8fc3f9b1bebef6b84db9f4588f0ad047ec8560a8e0c99cc34c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:38 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446696&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=9wGYJprUF8qSKnowYLlfFM2kb6EDUWQWENGL4Cmazvw%3D"}]}
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446696&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=9wGYJprUF8qSKnowYLlfFM2kb6EDUWQWENGL4Cmazvw%3D
Expires: Mon, 03 Jun 2024 20:31:38 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/8279f1b0ba62495c83ab658ed9d2024e/ 43 B
424 B 451ms
109ms Image
image/gif 52.6.21.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/8279f1b0ba62495c83ab658ed9d2024e/pixel?j=1&u=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&tag=ViewContent&ts=1717446695929&em=6b1f737d4557f962c76216b9438774a316103307d193efc125f197d8d070e7ec

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.21.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-21-232.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,f435fd0e2e5f43524b95ec8e2c751d47,10.0.0.69,17672,185.213.155.166,,375873783617,1,1717446696.334,0.004,,.,0,0,0.000,0.004,-,0,0,203,324,162,10,26847,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/8279f1b0ba62495c83ab658ed9d2024e/ 43 B
736 B 450ms
109ms Image
image/gif 52.6.21.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/8279f1b0ba62495c83ab658ed9d2024e/pixel?j=1&u=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&tag=InitiateCheckout&ts=1717446695929&em=6b1f737d4557f962c76216b9438774a316103307d193efc125f197d8d070e7ec

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.21.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-21-232.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Attribution-Reporting-Register-Trigger: {"event_trigger_data": [{"trigger_data": "10"}], "aggregatable_trigger_data": [{"key_piece": "0x0a000000000000000000000000000000", "source_keys": ["10", "20", "30", "40", "11", "21", "31", "41"]}], "aggregatable_values": {"10": 8192, "20": 8192, "30": 8192, "40": 8192}}
Date: Mon, 03 Jun 2024 20:31:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,ad5e7099ff1ec826c431b726c5a878c2,10.0.0.69,40564,185.213.155.166,,247570649326,1,1717446696.332,0.002,,.,0,0,0.000,0.004,-,0,0,515,299,149,10,34729,,,,,,-,

OPTIONS
H/1.1 200
OK xwz68n3mk9ddpsxy
client-analytics.braintreegateway.com/ Frame 0
0 116ms
10ms Preflight 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 03 Jun 2024 20:31:36 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK xwz68n3mk9ddpsxy
client-analytics.braintreegateway.com/ Frame 0
0 116ms
10ms Preflight 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 03 Jun 2024 20:31:36 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK xwz68n3mk9ddpsxy
client-analytics.braintreegateway.com/ Frame 0
0 121ms
18ms Preflight 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 03 Jun 2024 20:31:36 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK xwz68n3mk9ddpsxy Show response
client-analytics.braintreegateway.com/ 0
358 B 22ms
13ms XHR
text/plain 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK xwz68n3mk9ddpsxy Show response
client-analytics.braintreegateway.com/ 0
358 B 20ms
11ms XHR
text/plain 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK xwz68n3mk9ddpsxy Show response
client-analytics.braintreegateway.com/ 0
358 B 14ms
13ms XHR
text/plain 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dropin.min.css
assets.braintreegateway.com/web/dropin/1.40.2/css/ 21 KB
4 KB 82ms
10ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/dropin/1.40.2/css/dropin.min.css

Requested by

Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/js/f677160-6027d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0ff775138e1690f67634084ee0b972b2b9d736605bf9902e886e56e849f1efa0

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Mon, 03 Jun 2024 20:31:36 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 1f03ec13e4b24
dc: ccg11-origin-www-1.paypal.com
content-length: 3506
x-served-by: cache-sjc10051-SJC, cache-fra-eddf8230087-FRA
last-modified: Thu, 17 Aug 2023 22:19:35 GMT
traceparent: 00-00000000000000000001f03ec13e4b24-571bde2a19dedb66-01
x-timer: S1717446696.020374,VS0,VE1
etag: W/"64de9cf7-5410"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 148, 0

GET
H2 200 songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/ 5 KB
3 KB 152ms
68ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Requested by

Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/js/f677160-6027d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1709
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MwNPaS9rY4cB7N0hyvgkI0PlknyiyI2k55sFy%2FyZmrMovdsan%2FsmGjIxpurXYHsJTDHWjgNyJTij5deh9yEB9ECDdSlV170VMJ%2FJplRelrg9Dmn8wSRpHVpQ1jEk8UY%2FCnfe7s0MZJIWArbH8T5vD8l46mJ5dTbWze5"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 88e2729acd7e90ec-FRA
expires: Tue, 04 Jun 2024 00:31:36 GMT

POST
H/1.1 200
OK xwz68n3mk9ddpsxy Show response
client-analytics.braintreegateway.com/ 0
358 B 21ms
13ms XHR
text/plain 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK xwz68n3mk9ddpsxy Show response
client-analytics.braintreegateway.com/ 0
358 B 20ms
13ms XHR
text/plain 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK xwz68n3mk9ddpsxy
client-analytics.braintreegateway.com/ Frame 0
0 29ms
17ms Preflight 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 03 Jun 2024 20:31:36 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK xwz68n3mk9ddpsxy
client-analytics.braintreegateway.com/ Frame 0
0 31ms
19ms Preflight 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 03 Jun 2024 20:31:36 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 bfe8fef2-4e8a-4580-844b-7f1ffbe4ee02-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 9 KB
10 KB 19ms
17ms Script
application/javascript 2600:9000:20ae:1c00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/bfe8fef2-4e8a-4580-844b-7f1ffbe4ee02-additional-latest.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/bfe8fef2-4e8a-4580-844b-7f1ffbe4ee02-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:1c00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e48926025e3bded80dc58ead3a25b95fb9f823d9e7b94bf763c237c88af4122

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:22:28 GMT
x-amz-version-id: CQqLrYX9i2Q5D8s7HjyAmICVf0n_RB7R
via: 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2024 18:12:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
age: 7749
etag: "08ed7776603d6f784411d29bce15370a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9380
x-amz-cf-id: EVGJzKihp5Vagg_6Z8ef5Ok6fD6Ew9CM92obyZXzgXTEbUvZvtQlww==

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 10 KB
10 KB 17ms
15ms Script
application/javascript 2600:9000:20ae:1c00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/bfe8fef2-4e8a-4580-844b-7f1ffbe4ee02-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:1c00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddb69b95a6bdcf5d227ce30d7184839da682c7794fbb93e603b9e39c53a87440

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: F2_skBoyyTZPk30T0KU4aWlDbb3s6sr6
date: Mon, 03 Jun 2024 01:49:40 GMT
via: 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 17:50:30 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
age: 67317
x-amz-server-side-encryption: AES256
etag: "ebd50fe79b30e9f210e354a1edede7ec"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 9781
x-amz-cf-id: NQa9acS1Ck8ec_pn-ESKtct9oksu9rKXeWQ4MMRqjWQTHVWW0F363g==

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 43ms
41ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2612474376513&pd=%7B%22em%22%3A%226e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1717446696067
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:36 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.underluckystars.com
pinterest-version: 0acf2821fed5456b690322e537fbd16e9a4bf075
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 7055577971246493
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.97.1/html/ Frame AEB9 0
0 25ms
8ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.97.1/html/hosted-fields-frame.min.html

Requested by

Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/js/f677160-6027d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31598
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Mon, 03 Jun 2024 20:31:36 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64de36dc-1ebb3"
last-modified: Thu, 17 Aug 2023 15:03:56 GMT
paypal-debug-id: b15d3bc162adb
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000b15d3bc162adb-b89ef4c1f3ea9ac4-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 6477, 5
x-content-type-options: nosniff
x-served-by: cache-sjc10057-SJC, cache-fra-eddf8230031-FRA
x-timer: S1717446696.107920,VS0,VE0

GET
H2 200 hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.97.1/html/ Frame C899 0
0 26ms
26ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.97.1/html/hosted-fields-frame.min.html

Requested by

Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/js/f677160-6027d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31598
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Mon, 03 Jun 2024 20:31:36 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64de36dc-1ebb3"
last-modified: Thu, 17 Aug 2023 15:03:56 GMT
paypal-debug-id: b15d3bc162adb
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000b15d3bc162adb-b89ef4c1f3ea9ac4-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 6477, 5
x-content-type-options: nosniff
x-served-by: cache-sjc10057-SJC, cache-fra-eddf8230031-FRA
x-timer: S1717446696.107920,VS0,VE0

GET
H2 200 hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.97.1/html/ Frame ECC5 0
0 27ms
27ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.97.1/html/hosted-fields-frame.min.html

Requested by

Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/js/f677160-6027d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31598
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Mon, 03 Jun 2024 20:31:36 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64de36dc-1ebb3"
last-modified: Thu, 17 Aug 2023 15:03:56 GMT
paypal-debug-id: b15d3bc162adb
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000b15d3bc162adb-b89ef4c1f3ea9ac4-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 6477, 5
x-content-type-options: nosniff
x-served-by: cache-sjc10057-SJC, cache-fra-eddf8230031-FRA
x-timer: S1717446696.107920,VS0,VE0

GET
H2 200 hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.97.1/html/ Frame 1AE9 0
0 19ms
19ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.97.1/html/hosted-fields-frame.min.html

Requested by

Host: d3j4c7e2o820k1.cloudfront.net
URL: https://d3j4c7e2o820k1.cloudfront.net/js/f677160-6027d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31598
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Mon, 03 Jun 2024 20:31:36 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64de36dc-1ebb3"
last-modified: Thu, 17 Aug 2023 15:03:56 GMT
paypal-debug-id: b15d3bc162adb
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000b15d3bc162adb-b89ef4c1f3ea9ac4-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 6477, 5
x-content-type-options: nosniff
x-served-by: cache-sjc10057-SJC, cache-fra-eddf8230031-FRA
x-timer: S1717446696.107920,VS0,VE0

GET
H3

200

/
www.google.de/pagead/1p-conversion/867529107/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/867529107/?random=1950714659&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/867529107/?random=1950714659&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/867529107/?random=1950714659&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_...

42 B
64 B

51ms
51ms

Image
image/gif

142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/867529107/?random=1950714659&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&label=k6PTCJTUzOwBEJPj1Z0D&hn=www.googleadservices.com&frm=0&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&gtm_ee=1&npa=1&pscdl=noapi&auid=367297318.1717446696&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIw4DcwaPAhgMVOXNBAh08aCNoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vd3d3LnVuZGVybHVja3lzdGFycy5jb20v&is_vtc=1&cid=CAQSGwDaQooLdxu_ZXVGzo3gpPYIaBzeQPIn3_P5dQ&random=3489190602&ipr=y

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/867529107/?random=1950714659&cv=11&fst=1717446695571&bg=ffffff&guid=ON&async=1&gtm=45be45t0v879165916za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&label=k6PTCJTUzOwBEJPj1Z0D&hn=www.googleadservices.com&frm=0&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&gtm_ee=1&npa=1&pscdl=noapi&auid=367297318.1717446696&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIw4DcwaPAhgMVOXNBAh08aCNoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vd3d3LnVuZGVybHVja3lzdGFycy5jb20v&is_vtc=1&cid=CAQSGwDaQooLdxu_ZXVGzo3gpPYIaBzeQPIn3_P5dQ&random=3489190602&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 underluckystars.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 587E 1 KB
1 KB 266ms
218ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/underluckystars.zendesk.com

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20d54c9f484d15dbdbd01148fc51f3c90e58c25bf8f6419c869b216c64d49e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 88ad2b370d402a60-SEA, 88ad2b370d402a60-SEA
x-runtime: 0.013653
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"20d54c9f484d15dbdbd01148fc51f3c9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2BzltRpZ6HgAYqEDyNJMq4Msugak6gHYRlyliSmhHS81AoIPhD9AId2ggbR9mfeL%2B4Y5YmP%2FEdad9k31rn8yGx7NhlVEPx2OCP9MG4mJWCXDFLcBr3FsSASaXxVH60rKeEI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 88e2729b1ee7911f-FRA

POST
H2 200 p
tr6.snapchat.com/ 0
192 B 82ms
25ms Ping
text/plain 2600:1901:0:7628::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 /
ct.pinterest.com/v3/ 35 B
0 40ms
39ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&tid=2612474376513&cb=1717446696129&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%226e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3%22%2C%22derived_epik%22%3A%22dj0yJnU9RC12ZFowazJYa244bUIyZnB0Z2dTbkFWamFUUmdET1Ymbj1saVRUbVNMNTNzZjRyTlAtYThiYVd3Jm09NCZ0PUFBQUFBR1plS0NnJnJtPTQmcnQ9QUFBQUFHWmVLQ2cmc3A9Mg%22%2C%22pin_unauth%22%3A%22dWlkPU9UQTNNelZpTkdFdE9ESXdOaTAwWm1Oa0xXSXpNV1F0T1RkbFpEWXdObVJpWW1NMw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:36 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.underluckystars.com
pinterest-version: 0acf2821fed5456b690322e537fbd16e9a4bf075
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
content-length: 35
x-pinterest-rid: 4423916672692604
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
ct.pinterest.com/v3/ 35 B
0 38ms
37ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=addtocart&ed=%7B%22order_id%22%3A%2256103c21-6f7e-422a-936d-9db19ab864d4%22%2C%22value%22%3A76%2C%22currency%22%3A%22USD%22%2C%22event_id%22%3A%22a09fbea9-b419-4c0f-8cd6-09eda9198b81%22%7D&tid=2612474376513&cb=1717446696129&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%226e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3%22%2C%22derived_epik%22%3A%22dj0yJnU9RC12ZFowazJYa244bUIyZnB0Z2dTbkFWamFUUmdET1Ymbj1saVRUbVNMNTNzZjRyTlAtYThiYVd3Jm09NCZ0PUFBQUFBR1plS0NnJnJtPTQmcnQ9QUFBQUFHWmVLQ2cmc3A9Mg%22%2C%22pin_unauth%22%3A%22dWlkPU9UQTNNelZpTkdFdE9ESXdOaTAwWm1Oa0xXSXpNV1F0T1RkbFpEWXdObVJpWW1NMw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:36 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.underluckystars.com
pinterest-version: 0acf2821fed5456b690322e537fbd16e9a4bf075
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
content-length: 35
x-pinterest-rid: 1197437760168306
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 32ms
31ms Script
application/javascript 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 3df8823f
date: Mon, 03 Jun 2024 20:31:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240521140000BF4B385F5F222A3EF349
x-tt-trace-id: 00-240521140000BF4B385F5F222A3EF349-5AF236171CD97164-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a1f4b0fd4421263bc84116bee74934524dd1a6325ffcf7c00125ced32580367a48ba8717e1b06a149a644186dacd647adf631f294a182c8eeef71f90f1c5b72dc40e3ac62fcf404e2547c5a2b5a4bf2536ad3ca91efc82a12dab0ce75aa47a7f
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 39732

GET
H2 200 enable_cookie Show response
analytics.tiktok.com/i18n/pixel/ 0
706 B 187ms
185ms Script
application/javascript 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/enable_cookie
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:36 GMT
x-akamai-request-id: 3df88270
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202406032031365C62D5AB3B08393CB710
x-tt-trace-id: 00-2406032031365C62D5AB3B08393CB710-63D78471A4981618-00
x-cache: TCP_MISS from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 120,95.100.146.5
x-tt-trace-host: 01509ecbe5eeb28ba05730fcb649ea70b8802b0deb85a6d46fc966e626cd8020b2f5c0d22dd6f644ffa260f96e4c91098a8a25ee051fb2725b7bc3413b9121dd45ed358e42804de88dfedf303b4b8c39f30feee356b8d0fb7c22d12baf2a4f1557
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=30, origin; dur=120
content-length: 0
expires: Mon, 03 Jun 2024 20:31:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 54ms
13ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782857011853426&ev=PageView&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696192&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&eid=uvdf9q&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2882, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
475 B 234ms
193ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=782857011853426&ev=PageView&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696192&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&eid=uvdf9q&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2cfa61b5cc69d9a5","source_keys":["1","2"]},{"key_piece":"0xae5dd4d020b50dee","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=16, mss=1368, tbw=8512, tp=-1, tpl=-1, uplat=185, ullat=0
pragma: no-cache
x-fb-debug: 9OH+Jp2ORmnJAFJX5brWz1ezHuLgN5cjkCAxiw/Y5uf+0ZLjOfbBP6yXClEkZvT9Le8xZ4U091J2GPk9KDRoRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
101 B 37ms
13ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=788297019927737&ev=PageView&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696194&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&eid=uvdf9q&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2882, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
474 B 226ms
202ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=788297019927737&ev=PageView&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696194&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&eid=uvdf9q&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xadde7c3ebb9661fb","source_keys":["1","2"]},{"key_piece":"0xd998f9d91c7eb63f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=16, mss=1368, tbw=9009, tp=-1, tpl=-1, uplat=193, ullat=0
pragma: no-cache
x-fb-debug: lGPyfNlkvKv1yZYWC5R7d9Bq4ugRggMUtAhKtsTYZKk7qpsDc1iORg76bKie/BmllD0X4QUgjY7AsKlZFdFVWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 36ms
13ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782857011853426&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696195&cd[content_name]=campaign_hesitation_text&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2882, tp=-1, tpl=-1, uplat=2, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 203ms
179ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=782857011853426&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696195&cd[content_name]=campaign_hesitation_text&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x55699872f1c81e68","source_keys":["1","2"]},{"key_piece":"0x81d8d1e6f2debcdd","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=16, mss=1368, tbw=4544, tp=-1, tpl=-1, uplat=171, ullat=0
pragma: no-cache
x-fb-debug: F1EhPxM26R/M3aIs42KOTeWoo9Jma3T7PTfbCelkUWgLVmocvPAhFfVSU6sFdN1nR88K/fgEGdlEIwed2gJm9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 17ms
14ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=788297019927737&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696196&cd[content_name]=campaign_hesitation_text&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1368, tbw=3628, tp=-1, tpl=-1, uplat=5, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
277 B 191ms
188ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=788297019927737&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696196&cd[content_name]=campaign_hesitation_text&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1bf7888e44517401","source_keys":["1","2"]},{"key_piece":"0x0367f6f902304b96","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=16, mss=1368, tbw=10000, tp=-1, tpl=-1, uplat=182, ullat=0
pragma: no-cache
x-fb-debug: CKTQvVt9CoQkQdRwLWcPvbJ9intXgWZzaEX6aaUkOD9wT1NfIgnFEJVe3/nKJvOxOS+y5ci2Kx1Z+UDZUz+P4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 17ms
15ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782857011853426&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696200&cd[content_name]=source_hesitation_text&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=2&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1368, tbw=3743, tp=-1, tpl=-1, uplat=4, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
275 B 161ms
158ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=782857011853426&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696200&cd[content_name]=source_hesitation_text&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=2&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x55699872f1c81e68","source_keys":["1","2"]},{"key_piece":"0x81d8d1e6f2debcdd","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=16, mss=1368, tbw=8215, tp=-1, tpl=-1, uplat=151, ullat=0
pragma: no-cache
x-fb-debug: ZLEpzgqzDN9VSdixha0of8ZNsSUt70IHDzyNwaaTZ/Gn9kqvsoLuNdj7ZHGyQ8uQ6Qr+jYVjHvNHMlfkhMogog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 17ms
15ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=788297019927737&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696201&cd[content_name]=source_hesitation_text&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=2&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1368, tbw=3743, tp=-1, tpl=-1, uplat=7, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
473 B 190ms
187ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=788297019927737&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696201&cd[content_name]=source_hesitation_text&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=2&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1bf7888e44517401","source_keys":["1","2"]},{"key_piece":"0x0367f6f902304b96","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=16, mss=1368, tbw=9505, tp=-1, tpl=-1, uplat=180, ullat=0
pragma: no-cache
x-fb-debug: gCocec9wwsAwYD98MiOFnz1cV0d84V/mwyraSq+nUGE/syvg5oau9GSXaugeYcc/bazWUb/du7Zakc+LXNzyaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 121ms
119ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782857011853426&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696202&cd[content_name]=medium_sms&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=3&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1368, tbw=4000, tp=-1, tpl=-1, uplat=104, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
274 B 239ms
236ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=782857011853426&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696202&cd[content_name]=medium_sms&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=3&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x55699872f1c81e68","source_keys":["1","2"]},{"key_piece":"0x81d8d1e6f2debcdd","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=16, mss=1368, tbw=11606, tp=-1, tpl=-1, uplat=223, ullat=0
pragma: no-cache
x-fb-debug: e843yIUyaYOUOkd6uc9Skd1JCIrz7tllnpvxrAGis7BAWTOmV6NvgrtAOZqG9qkoxof2ZolryKB05wTIcAB94A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 121ms
119ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=788297019927737&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696202&cd[content_name]=medium_sms&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=3&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1368, tbw=4147, tp=-1, tpl=-1, uplat=105, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
275 B 238ms
236ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=788297019927737&ev=ViewContent&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696202&cd[content_name]=medium_sms&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=3&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1bf7888e44517401","source_keys":["1","2"]},{"key_piece":"0x0367f6f902304b96","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=16, mss=1368, tbw=11309, tp=-1, tpl=-1, uplat=222, ullat=1
pragma: no-cache
x-fb-debug: 5JYGH7EBXHhs0ZQT09xKTA83ElgQMimE2dHNEJeBaMdfuy/48g7gYZTOgUOlZXYsIamALxb6V/wEPeEU2jp2og==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 122ms
119ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782857011853426&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696203&cd[value]=76&cd[currency]=USD&cd[content_ids]=%5B%2218_24_map_moon%22%5D&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=4&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&eid=56103c21-6f7e-422a-936d-9db19ab864d4&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1368, tbw=4263, tp=-1, tpl=-1, uplat=106, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
482 B 236ms
234ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=782857011853426&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696203&cd[value]=76&cd[currency]=USD&cd[content_ids]=%5B%2218_24_map_moon%22%5D&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=4&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&eid=56103c21-6f7e-422a-936d-9db19ab864d4&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x099a7ae86dbcc226","source_keys":["1","2"]},{"key_piece":"0xbcb1afee4fa3d58d","source_keys":["1","2"]}],"aggregatable_values":{"1":1,"2":76}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=16, mss=1368, tbw=10299, tp=-1, tpl=-1, uplat=220, ullat=0
pragma: no-cache
x-fb-debug: L+qZ1Xur4rx7npTskek5IVPSrZJZttjym1ekt1lBtKP6D7nkD4tahRAncYk/WTFW6QxsOfx8+u1BJzjd5wOBFg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 122ms
119ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=788297019927737&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696204&cd[value]=76&cd[currency]=USD&cd[content_ids]=%5B%2218_24_map_moon%22%5D&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=4&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&eid=56103c21-6f7e-422a-936d-9db19ab864d4&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1368, tbw=4388, tp=-1, tpl=-1, uplat=107, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Jun 2024 20:31:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
484 B 237ms
235ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=788297019927737&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&rl=&if=false&ts=1717446696204&cd[value]=76&cd[currency]=USD&cd[content_ids]=%5B%2218_24_map_moon%22%5D&sw=1600&sh=1200&ud[fn]=5f3d6952c5c5e22077fabf461de80f1ce475752fe75afcf5ca46bac438405619&ud[ln]=b4a7d468eca98f865eb2fdb0177707092afea2e0a530dfe0c5f29bf6539676bb&ud[em]=6e27ea56a1bf82ed53f6c46effefd7f58625e91e9b6df0f30e7d3ea4b33508e3&ud[country]=c330ec504d82c24fcd10be978fa74b8a3185a8df719604a85443bb9ca279f5a2&ud[zp]=699df1d35dff2d3e68581f6c67e6c4533c310d1dab6b7e34358abde47b0971db&ud[st]=3d099d0f13df9d0bb4427a6ce99d61b988861761e286d6e34b17d6371b46b13f&ud[ct]=4f18b075b430429762f19d880df444390a1168662086c74d825bf7f2240a58fc&ud[ph]=975d7c0fa77f52a9b98842ac62fa6153b2acda42c9fd61c9ed4436f65014d8a5&v=2.9.157&r=stable&ec=4&o=4126&fbp=fb.1.1717446696192.562873762487313689&ler=empty&cdl=API_unavailable&it=1717446695372&coo=false&eid=56103c21-6f7e-422a-936d-9db19ab864d4&rqm=FGET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4eb143c3523241a9","source_keys":["1","2"]},{"key_piece":"0x05bdbd62aeaa6826","source_keys":["1","2"]}],"aggregatable_values":{"1":1,"2":76}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 03 Jun 2024 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=16, mss=1368, tbw=10803, tp=-1, tpl=-1, uplat=221, ullat=0
pragma: no-cache
x-fb-debug: 2DROGOXVTY+I5NJWrYuE8aKU28XrWF0lJV9qkgT3k+bJPBPN5bHFzKZywhCtw9TKHpE1W3bN7LQNr0zphOSJhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5a28e627 Show response
dvqigh9b7wa32.cloudfront.net/ 43 B
493 B 71ms
16ms XHR
image/gif 54.239.192.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YmZlOGZlZjItNGU4YS00NTgwLTg0NGItN2YxZmZiZTRlZTAyJnNlc3Npb25JZD03NWE1OWUyNi04NGFkLWE5ODctYjEyOS0zNTUxYTFmYjMyNzI%3D&date=1717446696225
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.239.192.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-239-192-187.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 05:51:52 GMT
via: 1.1 64de0e8f28c987c1b81102130781b870.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 52785
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: DtQEjXzQG2qwG2sjFGaLf7KJbgakbbecMZKAnRe8ljtzeClweobVRw==

GET
H2 200 5a28e627 Show response
d330aiyvva2oww.cloudfront.net/ 43 B
493 B 86ms
31ms XHR
image/gif 2600:9000:26db:d600:3:760:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE3JnRva2VuPWJmZThmZWYyLTRlOGEtNDU4MC04NDRiLTdmMWZmYmU0ZWUwMiZzZXNzaW9uSWQ9NzVhNTllMjYtODRhZC1hOTg3LWIxMjktMzU1MWExZmIzMjcy&date=1717446696225
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:d600:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
via: 1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1409
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: IAiJb-wKMD7sGfmbykCNOHCbfD7E3HLPCn1Hdg_xoe35QbWikIoofg==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
451 B 103ms
31ms XHR
image/gif 2600:9000:26da:9200:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YmZlOGZlZjItNGU4YS00NTgwLTg0NGItN2YxZmZiZTRlZTAyJnNlc3Npb25JZD03NWE1OWUyNi04NGFkLWE5ODctYjEyOS0zNTUxYTFmYjMyNzImY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRnd3dy51bmRlcmx1Y2t5c3RhcnMuY29tJTJGZW4lMkZwYXklMkY1NjEwM2MyMS02ZjdlLTQyMmEtOTM2ZC05ZGIxOWFiODY0ZDQlM0Z1dG1fY2FtcGFpZ24lM0RoZXNpdGF0aW9uX3RleHQlMjZ1dG1fbWVkaXVtJTNEc21zJTI2dXRtX3NvdXJjZSUzRGhlc2l0YXRpb25fdGV4dA%3D%3D&date=1717446696229
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9200:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
via: 1.1 03f0b5e1388e49b279dc44f8ff1caa78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1409
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: -KjTv1Ys-Fpq8K_O_Kh5zJeW8dsBkJ0NyCKWlC8dIZzL1MLDj8UbHg==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
449 B 99ms
32ms XHR
image/gif 2600:9000:26da:9200:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YmZlOGZlZjItNGU4YS00NTgwLTg0NGItN2YxZmZiZTRlZTAyJnNlc3Npb25JZD03NWE1OWUyNi04NGFkLWE5ODctYjEyOS0zNTUxYTFmYjMyNzImY29va2llU3VwcG9ydD1QRVJTSVNUJmFyZz0lN0IlMjJ0b3RhbCUyMiUzQSUyMjc2JTIyJTdEJmV2ZW50PWVfSW5pdGlhdGVDaGVja291dCYlMjRvcz1XaW5kb3dzJiUyNGN1cnJlbnRVcmw9aHR0cHMlM0ElMkYlMkZ3d3cudW5kZXJsdWNreXN0YXJzLmNvbSUyRmVuJTJGcGF5JTJGNTYxMDNjMjEtNmY3ZS00MjJhLTkzNmQtOWRiMTlhYjg2NGQ0JTNGdXRtX2NhbXBhaWduJTNEaGVzaXRhdGlvbl90ZXh0JTI2dXRtX21lZGl1bSUzRHNtcyUyNnV0bV9zb3VyY2UlM0RoZXNpdGF0aW9uX3RleHQ%3D&date=1717446696235
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9200:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
via: 1.1 03f0b5e1388e49b279dc44f8ff1caa78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1409
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: GkUJkw-gnV0r20zA51GcDbu8B5fA-tGLd8RAxx01O_EGJGpRKBVGog==

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-5887&value=&uncacheplz=5347361538
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-5887&value=&uncacheplz=5347361538&_bee_ppp=1

43 B
796 B

30ms
29ms

Image
image/gif

34.247.125.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-5887&value=&uncacheplz=5347361538&_bee_ppp=1

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text

Protocol

HTTP/1.1

Server

34.247.125.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-125-229.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 03 Jun 2024 20:31:36 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-5887&value=&uncacheplz=5347361538&_bee_ppp=1
Date: Mon, 03 Jun 2024 20:31:36 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK collect Show response
e.clarity.ms/ 24 B
399 B 329ms
114ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 721e2c8d5f203461f3d93d9dc42c223b68a77691019cbc44331633376d8ba91d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 1.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 388 KB
153 KB 179ms
145ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f44b77dcf6c6d78e309bdea55a83ff9fcd20f461aa08c11416126d1b3663c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCVXmcqbTFg7krE%2FBKQbOOH1CXH35wY5nczuV5S3%2BvJVRbEh0NYaZFI0owMB%2Fw8sk0eVanawZy8y%2FOilhZEpmXXPfOL92AHVMsCzrnU6c03Aui2jy5uSuoCRZhNual90LtDpvNMHrSy43dRVS9Zv9Ex%2FoSJLhRNQMoyC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
cf-ray: 88e2729bbb200476-FRA
expires: Sat, 30 Nov 2024 20:31:36 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
828 B 333ms
113ms Ping
text/plain 104.120.210.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.210.155 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-120-210-155.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: aca6ded7
date: Mon, 03 Jun 2024 20:31:36 GMT
x-bytefaas-request-id: 20240603203136BFB1C99F1F58A33CB31A
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240603203136BFB1C99F1F58A33CB31A-6C421A1AA610024D-00
x-cache: TCP_MISS from a104-120-210-151.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56337083) (-)
server-timing: inner; dur=8, cdn-cache; desc=MISS, edge; dur=1, origin; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240603203136BFB1C99F1F58A33CB31A
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 5.07
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01509ecbe5eeb28ba05730fcb649ea70b8b47355f76fa78750ce6e5603178bbb22df0b6b397032b2b619ed5bb90bc7e78a07f1f2cafb81ac46ad8ad69599c28a29737f433d37376d83f5fb368f297041e3abc0df4599b3b8f3ea3e1eb4fbf26143
x-origin-response-time: 17,104.120.210.151
access-control-allow-headers: *
expires: Mon, 03 Jun 2024 20:31:36 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 374ms
371ms Ping
text/plain 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 39d56241.3df88469
date: Mon, 03 Jun 2024 20:31:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240603203136F6D1531F61DA4E3DA6AD-0A38FA7FA68E0B22-00
x-cache: TCP_MISS from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 269,95.100.146.5
server-timing: cdn-cache; desc=MISS, edge; dur=218, origin; dur=96, inner; dur=62
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240603203136F6D1531F61DA4E3DA6AD
x-cache-remote: TCP_MISS from a23-48-100-134.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,23.48.100.134
x-tt-trace-host: 01509ecbe5eeb28ba05730fcb649ea70b812ebcd0e68594e10a0e0454d1156b6f385594c9a4ed0dd427dd921413161b4c32a89c71b69f3bd59b5c28aeae159b894ea794bd325cc06e55683e374c3a7759569f3649729222f5abde8652ad389eddd81095fd1003b66b06eaad07329d98ce7
access-control-allow-headers: Authorization,*
expires: Mon, 03 Jun 2024 20:31:36 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
841 B 193ms
189ms Ping
text/plain 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: dfdcab2e.3df8846a
date: Mon, 03 Jun 2024 20:31:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240603203136A3F0D55CA6B41C44EA52-304F1C72D005988F-00
x-cache: TCP_MISS from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 120,95.100.146.5
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=21, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240603203136A3F0D55CA6B41C44EA52
x-cache-remote: TCP_MISS from a23-48-200-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.48.200.209
x-tt-trace-host: 01509ecbe5eeb28ba05730fcb649ea70b812ebcd0e68594e10a0e0454d1156b6f3c9bd9f3bb277b88f0b285b42b19dcd0c0ea91bd0efde033c0bafcd1098e30f77e330f0420d3253104a340c259066a3cc78f3914a0153c9e9d1a54ac4f7cb5ba1f4a2cb75dd0d6423fd38f4c4730fb1e8
access-control-allow-headers: Authorization,*
expires: Mon, 03 Jun 2024 20:31:36 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 331ms
327ms Ping
text/plain 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 352e43d9.3df8846c
date: Mon, 03 Jun 2024 20:31:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24060320313631FEC493CC3B5F3D225D-63285F30D8C66A44-00
x-cache: TCP_MISS from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 193,95.100.146.5
server-timing: cdn-cache; desc=MISS, edge; dur=236, origin; dur=22, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024060320313631FEC493CC3B5F3D225D
x-cache-remote: TCP_MISS from a184-28-17-242.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,184.28.17.242
x-tt-trace-host: 01509ecbe5eeb28ba05730fcb649ea70b8802b0deb85a6d46fc966e626cd8020b2632c53f75cbc4c9f3eb00327b629802d6d951cfa764d38ea8423ca15cad03ebc8b485155015bc4f570bc255992a312a7bb851938fee40cbb19b01fe942733d536dbcdc683e77bba4dfa7a71428009ec5
access-control-allow-headers: Authorization,*
expires: Mon, 03 Jun 2024 20:31:36 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
704 B 243ms
239ms Ping
text/plain 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3df8846d
date: Mon, 03 Jun 2024 20:31:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240603203136399642EACA6BAD3D58EE-46E0DC2DC779D582-00
x-cache: TCP_MISS from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=43, origin; dur=118
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240603203136399642EACA6BAD3D58EE
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 118,95.100.146.5
x-tt-trace-host: 01509ecbe5eeb28ba05730fcb649ea70b8802b0deb85a6d46fc966e626cd8020b2160e56fab948a3a368c58991212aa9d191784763a53b2178e9b995233669a7b6bfc1abcbc650535c22d49e8438215cbbb5a9d87f65660f682dada48167f958f5
access-control-allow-headers: Authorization,*
expires: Mon, 03 Jun 2024 20:31:36 GMT

POST
H3 200 p
tr.snapchat.com/ 0
15 B 23ms
22ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.underluckystars.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK xwz68n3mk9ddpsxy Show response
client-analytics.braintreegateway.com/ 0
358 B 11ms
10ms XHR
text/plain 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Jun 2024 20:31:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
303 B 433ms
246ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.underluckystars.com
Date: Mon, 03 Jun 2024 20:31:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 web-widget-main-4a143a0.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame C6C2 972 KB
278 KB 33ms
32ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d1c949907af4ac820f60197fdc339cafa5b05c64fe0c4739d4b34b2b59335b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
x-amz-version-id: 7sYtabYd8ciOGu5V0P89IQfor6N0nKoQ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: JNNRPXTJ12F6BEKW
age: 84
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: j/1EjmULaYT0mjxUAU/qkB/mgZ4o+CgswINlJ+DHo4vytPWqArGDpjP69YG52+9KHVhAHQf11gAYDLF2diFpQ2SflFBtSkkf
last-modified: Tue, 21 May 2024 07:56:03 GMT
server: cloudflare
etag: W/"1cd914e37c72f31dd72b0b44ef9b3e44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2BHv7ZmDo1QUxyJKRPPYWuh3aZVClTIQsu6Dpi4yUIGHWG5WX7bpzoSCd%2B4Mj1fxYZAR6LBD7Lf4w5hXkpkkCTvd6MRyb2ONHZlFbpeLy0q2mO3%2BtnHfWzjDOL5ddC%2BiVDgt10w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88e2729c8def2c75-FRA
access-control-allow-headers: *
expires: Wed, 21 May 2025 07:56:02 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
842 B 196ms
194ms Ping
text/plain 95.100.146.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY1ZWZmZjM0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a04b0f59.3df887e3
date: Mon, 03 Jun 2024 20:31:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240603203136CF4D106BB826F23C8E78-70E44A24C1D02146-00
x-cache: TCP_MISS from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 140,95.100.146.5
server-timing: cdn-cache; desc=MISS, edge; dur=124, origin; dur=32, inner; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240603203136CF4D106BB826F23C8E78
x-cache-remote: TCP_MISS from a23-220-105-80.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.220.105.80
x-tt-trace-host: 01509ecbe5eeb28ba05730fcb649ea70b812ebcd0e68594e10a0e0454d1156b6f3186a74e1b45eb704a2fdba0b8dbd68e3272963280cafd094ef097a4cd52c93319698177b1229043e4a7750cd4e086da72322bfce332b498a03267af9da4b9c0a2d5ebeb35cdf309942e5372db69ed985
access-control-allow-headers: Authorization,*
expires: Mon, 03 Jun 2024 20:31:36 GMT

GET
H2 200 en-us-json-4a143a0.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame C6C2 25 KB
6 KB 39ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
x-amz-version-id: 2hYypV05EZU7FfAAst9jMWe4PEdNwLeK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYW4TTGW2EW5826
age: 558768
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: A//gFCWi1UWvrATt9znBnAXnMVODo0cZckPq0/Ee09OdcjY+Kb0ZzhLeH6PFeWN98gwpxmpGtlg=
last-modified: Tue, 21 May 2024 07:56:04 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUWtNgJm3SF0rDboTKqFan7dmeaJIRvzj5YSmI40Omrp4y1BiGnoTmwBo3atcnh9Djcam58M5jlginOKWFNYvN5sPtFIguC913cmNkEolo6xnWXU9hg%2FYsh3mfPfHTECKxtVdWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88e2729d7f232c75-FRA
access-control-allow-headers: *
expires: Wed, 21 May 2025 07:56:03 GMT

GET
H2 200 config Show response
underluckystars.zendesk.com/embeddable/ Frame C6C2 887 B
1 KB 132ms
73ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://underluckystars.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54252ccf29a93145ba978c37518d4459992f29a1dab0fdc018f753c8a17fde0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-798cfbc46d-p9hps
x-cached: MISS
x-runtime: 0.001702
last-modified: Mon, 03 Jun 2024 19:08:05 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toy5vSw9ZGcZN4PxoC4wVPBHLnhfRtY3wunrM%2Bumhcw0SUYr5LDi%2Bgz2mpeVf28%2B7xjvByM0UrHhCyHyVv4BiRHbBMS4YuNgFL0rAe9H4mjXjHYh7HG14ABifVRgKrVBNKmrzV3xlYYId5SKPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 88e2729ddc34bb4d-FRA

GET
H2 200 12.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 23 KB
10 KB 138ms
131ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/12.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a029f8651c1abf6eb77706476716f84fa986d95ba7f3ade6583106f6f678f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 9688
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFUvIt1qd442jkW0wYsvToJ%2BPSNJpKey4xvtEkmXwzCPy1ybdj2ssM7zBYCUiqCFBuISNM%2BKYf9yfD2dXBlaMuSSCcKI9a%2Bx5GsVrOP%2F0zDCrpmmUcTErloeRy7MdG5jArrzLisF2bg4vHt2HtfdEQ%2FKMb90kmFf97%2Bn"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 88e2729dce6a0476-FRA
expires: Sat, 30 Nov 2024 20:31:36 GMT

GET
H2 200 web-widget-chat-sdk-4a143a0.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame C6C2 216 KB
53 KB 37ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
x-amz-version-id: Cqx7SIb9.heewODiHJIf0HBediWoScSO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYREK8MHDQ8FZ13
age: 558768
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ciNpaHvLti0A9Tn1NOk8GVcZq3Ccu05RCk95i07O2VgqcMJCCFf9ucQYiXv/zCmK5eDPHitLBlU=
last-modified: Tue, 21 May 2024 07:56:02 GMT
server: cloudflare
etag: W/"bf7f24c006f934261d7ff732b528402b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5665uY9uD9DDIrbmoLCtl7IKXn6z0ksDfmkThoH%2F9HXNqW1WJeEV%2FVJSnTq3zLp%2Blhe4N5frD0SYLHnlOAXpJIQncicyiuL0REH8z8h83ZMz%2BE5BIY6cY0Cy3KXeAX1waAg4kso%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88e2729dcf972c75-FRA
access-control-allow-headers: *
expires: Wed, 21 May 2025 07:56:01 GMT

OPTIONS
H2 200 Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ Frame 0
0 168ms
156ms Preflight 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cardinal-tid
Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, x-cardinal-tid
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.underluckystars.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 88e2729ebfaa0476-FRA
content-length: 0
date: Mon, 03 Jun 2024 20:31:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XRLWCJPACxm4nO1nNEcIOR9lagxUmIUZdzQ4eYKiEd%2BKwDL3v6gBPbjgHGU0JNFCWFfMgQUzWA7tyFvRIEUAiv%2FodS5NO0lzaQRJUuXtQRPuQEEG9dtaMQL87UpQTyb5xWHzPxpSOXmN%2BuhDFrEIN8mwenHUMXNBpWMxv994"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H2 200 Init Show response
centinelapi.cardinalcommerce.com/V1/Order/JWT/ 2 KB
2 KB 516ms
516ms XHR
text/plain 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9a6355b2d7268750b4b2ce83bf0c68eb476d499396f937f89b1aa5447cc0bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Cardinal-Tid: Tid-c9978dc2-1efe-409c-80eb-b2605b88b34c
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://www.underluckystars.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51RGwUpB6aQzOALj0v6YfTcGGTROJZLYAR63vJuU5KZ%2B0Sit1IlvIL%2BTxij%2BrH7er7LRxmbuRCHSdCW6fCLjA9YzIdRkITBo6D91H5TIeheJ9GmF8rgdv%2BR4p9uxYN0p4nnEkXL6vOuXDGJIsTiluGQwsN7zTm%2F%2FNrtiexfP"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.underluckystars.com
access-control-expose-headers: Access-Control-Allow-Origin
cf-ray: 88e2729fa94d0476-FRA

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F865B8F990F048E8932B4659144683BF&RedC=c.clarity.ms&MXFR=3365E672D1B86ADA2A61F2E1D5B86449
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F865B8F990F048E8932B4659144683BF&MUID=229CC43F33A961253665D0AC327B608E

42 B
441 B

26ms
25ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F865B8F990F048E8932B4659144683BF&MUID=229CC43F33A961253665D0AC327B608E
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:36 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6FF8011CF5934EFEA9C683C28A07678E Ref B: FRAEDGE1313 Ref C: 2024-06-03T20:31:36Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F865B8F990F048E8932B4659144683BF&MUID=229CC43F33A961253665D0AC327B608E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 9ms
9ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
x-cdn: fastly
age: 4253
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame DF2A 0
0 49ms
35ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 03 Jun 2024 20:31:36 GMT
pinterest-version: 0acf2821fed5456b690322e537fbd16e9a4bf075
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8926853136859539

GET
H/1.1 200
OK cart-icon Show response
www.underluckystars.com/en/ 2 KB
1 KB 1383ms
1379ms XHR
text/html 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/cart-icon
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 72edc7582944dd48f29916ba0b6fd6bb930b700b6a92fe0b1edee5766312e6ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:38 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Vary: Accept-Encoding,Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446696&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=9wGYJprUF8qSKnowYLlfFM2kb6EDUWQWENGL4Cmazvw%3D"}]}
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Content-Length: 658
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446696&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=9wGYJprUF8qSKnowYLlfFM2kb6EDUWQWENGL4Cmazvw%3D
Expires: Mon, 03 Jun 2024 20:31:38 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-4a143a0.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame C6C2 236 B
829 B 31ms
30ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:36 GMT
x-amz-version-id: YtYcuoz31wmMmrwgUq7cLaYblV9Qa2Jx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYV1WYHZGMW561V
age: 558767
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 6Gme5igqSG3plA46A3KQ51BmrobsczGjkd7A7MlNQ6HYmm50k2gr74WwNP3zwtny4yvRBidjvL6qtrjLQ62Spg==
last-modified: Tue, 21 May 2024 07:56:02 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fE7tIMsThS%2FNlGO9zx9tUI%2FIb94RtP%2FAx0K3sOZubqxZ3%2FuA00jqNGqC1mgd2pjoG%2FPbg9pv1%2FmF2b%2FEDMJ5qZ0MvdnKB1cl0sNfcV1Cxp4VKAbHAZvXDlrRGH9Pw4U34d45W5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88e2729faa092c75-FRA
access-control-allow-headers: *
expires: Wed, 21 May 2025 07:56:01 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame C6C2 19 KB
20 KB 39ms
38ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:37 GMT
x-amz-version-id: Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KH5VE2Z70ZGQ75A2
age: 7093897
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified: Wed, 29 Nov 2023 08:06:43 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlZyMCBOtpt0C83XVIBOFZ5DYZymoXrrHmOgRdrJSOJmIYdAd8v6Dsdx8RmMJ9rQRDPHHab62GCihI7dhLtJNu6m8Q%2BVw1SK91MniJW0c9BG7HNQXFy4%2BHbAPInSdLq9lzUL4U4%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88e272a10bc52c75-FRA
access-control-allow-headers: *
expires: Thu, 28 Nov 2024 08:06:42 GMT

GET
H/1.1 200
OK favicon-32x32.png
www.underluckystars.com/ 800 B
2 KB 110ms
110ms Other
image/png 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/favicon-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d7670ba5fe935637a5c6b282da6b5b9ff70cc31deb3e21e93fb6d0441f47661e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:37 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Last-Modified: Mon, 03 Jun 2024 18:24:19 GMT
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446697&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=436VI7IvXbpTBm8O7MfUEK5OcbaZNqOdCbnlKMK189U%3D"}]}
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 800
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446697&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=436VI7IvXbpTBm8O7MfUEK5OcbaZNqOdCbnlKMK189U%3D
Expires: Tue, 03 Jun 2025 20:31:37 GMT

GET
H2 200 11.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 26 KB
11 KB 146ms
146ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/11.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 10265
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BO%2BYTo7VcxDE6pTCdWoHO5ApC%2BZPUILjBm%2ByUv%2B5SU7vQLPqAf1lTIP6K64jXf3kYOczhbS4H0qGxEZXXCxb%2Bh7aBFXmTLnX%2BAshnJ%2FfvrOWIuG3DQFnGYVD1Ly%2B7M9CbEP6BP%2Fn47nGz5uBIwheq0%2FvF0l5LD9cQQD"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 88e272a2ede80476-FRA
expires: Sat, 30 Nov 2024 20:31:37 GMT

GET
H2 200 Render
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame FB6B 0
0 253ms
142ms Document
text/html 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=642b9141e4c4446a03aff065&tmEventType=PAYMENT&referenceId=0_59dca058-4a20-47e2-8d4b-c3e3730bba17&geolocation=false&origin=Songbird

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underluckystars.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 88e272a3aeb39b5d-FRA
content-encoding: gzip
content-language: de-DE
content-length: 956
content-type: text/html;charset=UTF-8
date: Mon, 03 Jun 2024 20:31:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTyKk3fvuAFiS2gqZGTp9Kht3E57rfNCBSiVeD4gQD2O69sxEs1oDgyki6SZT2TqR1b88TTSm7G6w5WD%2BHHh%2Bv7RNRa20UqoUOO5ijNsUGD3k76kh2WiztO2LJkwtlmEDYu5C%2BenoUCdlmZ0LvYHJm5m%2F3idRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers, Accept-Encoding

GET
H2 200 3.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 24 KB
7 KB 48ms
48ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/3.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6879c93ab49e4e79ea4286c937326c4fbeef281b7da982e6046cbac4d882fbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Origin: https://www.underluckystars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 422449
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2F5p1r6wbedIsEpfOjQW7C5U5s9Wfkb5aUA%2FT5eUcxjZG3pLR2mP5aFfh7CoFZL3WdVXAYFK3s0COmjy4pIuP%2BrzCl6j9UkENGcWJxP0V8%2BfLSv6sLPnF0QwIECyAN4M0VR2%2F0%2BFRtZ5v%2FrvLxXUsez%2B7wkha%2BH%2FIQH%2B"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
cf-ray: 88e272a3df300476-FRA
expires: Sat, 30 Nov 2024 20:31:37 GMT

POST
H2 200 log Show response
writer.cardinalcommerce.com/prod/ 15 B
588 B 232ms
232ms XHR
application/json 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writer.cardinalcommerce.com/prod/log
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Cardinal-Tid: Tid-c9978dc2-1efe-409c-80eb-b2605b88b34c
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://www.underluckystars.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 20:31:38 GMT
via: 1.1 3390f75f0478e466058132c3d8207a8e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR3-C1
x-amzn-requestid: 9cce2346-f9b0-4326-9a18-07616c46b031
x-cache: Miss from cloudfront
x-amz-apigw-id: Yzs2pEj9oAMEQlA=
content-length: 15
server: cloudflare
x-amzn-trace-id: Root=1-665e282a-4b4ef8f93ba1b9e46ac55e7c
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INhxX2ho%2BHUC1UbWzeQrPnNgB0gHdDhe5zmY%2FGseqiLCROrwzOIgGXToPCabZmjSZtKcMCIhV9ifWam9lWCvzWvSeuqnBG%2FFYTQ8rlejL06QZdvkTJ6jr8kN87AN%2BW6Vg%2BW3xRS4foW%2BNf7kqs2R7wPqhkphFdbAVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 88e272a74c6b0476-FRA
x-amz-cf-id: ng1iM7H1Y_T1IIUAkkkx26pK7ZZwBbbmv4Upac73Az2Yb6fp3nOOxw==

POST
H/1.1 200
OK xwz68n3mk9ddpsxy Show response
client-analytics.braintreegateway.com/ 0
358 B 11ms
11ms XHR
text/plain 52.57.28.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/xwz68n3mk9ddpsxy

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.28.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-28-205.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Jun 2024 20:31:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H2 200 log
writer.cardinalcommerce.com/prod/ Frame 0
0 149ms
138ms Preflight
application/json 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writer.cardinalcommerce.com/prod/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cardinal-tid
Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cardinal-Tid
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 88e272a66b1e0476-FRA
content-length: 0
content-type: application/json
date: Mon, 03 Jun 2024 20:31:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHmJ7QmEEMdNupwmDOfoqSOxtVBnv5rRxnZy%2BjEpHD9TcQva3aNO0ItUo7PBRzq34jjmTVSLy%2FwY34nwdHXhdwYBY9TTwjWKoL%2FA7kRHdmgNbR7mXAdYyf%2FlgRgqS9%2FVL8T8TRZhBVVKK%2BeX%2BMFkvPPnIqc86Z3QSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 b5a534d08b2c383ce078e25aff3f2348.cloudfront.net (CloudFront)
x-amz-apigw-id: Yzs2nF_VoAMEOog=
x-amz-cf-id: J7_EilKVPNJ5qtLwbxq1jpMGEkxSV5vGH4DiaZx8hYrnYABX7iotMA==
x-amz-cf-pop: LHR3-C1
x-amzn-requestid: ed055851-8945-4602-bbc3-963486c2280e
x-amzn-trace-id: Root=1-665e282a-0036b8f94244a9291a695c23
x-cache: Miss from cloudfront

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
303 B 95ms
94ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.underluckystars.com
Date: Mon, 03 Jun 2024 20:31:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LSBK82Y0LK&gtm=45je45t0v881670038za200&_p=1717446695085&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1167730064.1717446696&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&cu=USD&sid=1717446695&sct=1&seg=0&dl=https%3A%2F%2Fwww.underluckystars.com%2Fen%2Fpay%2F56103c21-6f7e-422a-936d-9db19ab864d4%3Futm_campaign%3Dhesitation_text%26utm_medium%3Dsms%26utm_source%3Dhesitation_text&dt=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&en=begin_checkout&_ee=1&pr1=id18_24_map_moon~pr95~qt1&ep.anonymize_ip=true&epn.value=76&ep.coupon=HESITATION20&_et=5&tfd=9938
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LSBK82Y0LK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 20:31:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.underluckystars.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cart-icon Show response
www.underluckystars.com/en/ 2 KB
1 KB 134ms
133ms XHR
text/html 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/cart-icon
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 72edc7582944dd48f29916ba0b6fd6bb930b700b6a92fe0b1edee5766312e6ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:45 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Vary: Accept-Encoding,Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446705&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Yp687Zu54NPdYC2ql%2FoWApp3FyZnDMD6LA5c8i8gbrc%3D"}]}
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Content-Length: 658
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446705&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Yp687Zu54NPdYC2ql%2FoWApp3FyZnDMD6LA5c8i8gbrc%3D
Expires: Mon, 03 Jun 2024 20:31:45 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
303 B 291ms
98ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.underluckystars.com
Date: Mon, 03 Jun 2024 20:31:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK cart-icon Show response
www.underluckystars.com/en/ 2 KB
1 KB 144ms
143ms XHR
text/html 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/en/cart-icon
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 72edc7582944dd48f29916ba0b6fd6bb930b700b6a92fe0b1edee5766312e6ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 20:31:55 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Apache
Vary: Accept-Encoding,Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717446715&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=j7t92aQaVGuEq4jwD6QCFsoJXIky8QdAqidF1l7Xeus%3D"}]}
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Content-Length: 658
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717446715&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=j7t92aQaVGuEq4jwD6QCFsoJXIky8QdAqidF1l7Xeus%3D
Expires: Mon, 03 Jun 2024 20:31:55 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
303 B 291ms
100ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.24.2/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.underluckystars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.underluckystars.com
Date: Mon, 03 Jun 2024 20:31:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET cart-icon
www.underluckystars.com/en/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.underluckystars.com
URL: https://www.underluckystars.com/en/cart-icon

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 21:05:33	Name: X-AB Value: ee1b052465a646ba98c8b1c5a37e6cdf
.underluckystars.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0dtcqrak6e4ev46aeogniu5pc1nth7e6
.underluckystars.com/	1970-01-20 23:13:42	Name: _rdt_uuid Value: 1717446695337.1ebbc6fe-a6b5-455a-b100-a40677aedbe7
www.clarity.ms/	1970-01-21 05:49:42	Name: CLID Value: 06662f7211ff49c3b8a682748919ab42.20240603.20250603
.underluckystars.com/	1970-01-21 06:33:53	Name: _scid Value: eeec4004-9485-406a-86df-cdcbae0e40bc
.underluckystars.com/	1970-01-21 06:33:53	Name: _scid_r Value: eeec4004-9485-406a-86df-cdcbae0e40bc
.tiktok.com/	1970-01-21 06:25:42	Name: _ttp Value: 2hNu8ItpxdIRfmUkjlMxAKxBFT8
.underluckystars.com/	1970-01-20 23:13:42	Name: _gcl_au Value: 1.1.367297318.1717446696
.underluckystars.com/	1970-01-20 21:05:33	Name: _uetsid Value: 45b1ce7021e811ef9465f3f24905782d
.underluckystars.com/	1970-01-21 06:25:42	Name: _uetvid Value: 45b45d3021e811efb6db093d50c3cbb6
.twitter.com/	1970-01-21 06:40:06	Name: guest_id_marketing Value: v1%3A171744669569264833
.twitter.com/	1970-01-21 06:40:06	Name: guest_id_ads Value: v1%3A171744669569264833
.twitter.com/	1970-01-21 06:40:06	Name: guest_id Value: v1%3A171744669569264833
.bing.com/	1970-01-21 06:25:42	Name: MUID Value: 229CC43F33A961253665D0AC327B608E
.underluckystars.com/	1970-01-21 06:40:06	Name: _ga Value: GA1.1.1167730064.1717446696
.t.co/	1970-01-21 06:40:06	Name: muc_ads Value: 37c3c747-a3ee-48e6-8e34-30e05ee58bcc
.twitter.com/	1970-01-21 06:40:06	Name: personalization_id Value: "v1_2XzP/5pS0hgg+gqD6A1qvA=="
.underluckystars.com/	1970-01-21 06:40:06	Name: _ga_LSBK82Y0LK Value: GS1.1.1717446695.1.0.1717446695.60.0.0
.underluckystars.com/	1970-01-21 05:49:42	Name: _clck Value: ciaico%7C2%7Cfmb%7C0%7C1615
.pinterest.com/	1970-01-21 05:49:42	Name: ar_debug Value: 1
.underluckystars.com/	1970-01-21 05:49:42	Name: _derived_epik Value: dj0yJnU9RC12ZFowazJYa244bUIyZnB0Z2dTbkFWamFUUmdET1Ymbj1saVRUbVNMNTNzZjRyTlAtYThiYVd3Jm09NCZ0PUFBQUFBR1plS0NnJnJtPTQmcnQ9QUFBQUFHWmVLQ2cmc3A9Mg
.underluckystars.com/	1970-01-21 05:49:42	Name: _pin_unauth Value: dWlkPU9UQTNNelZpTkdFdE9ESXdOaTAwWm1Oa0xXSXpNV1F0T1RkbFpEWXdObVJpWW1NMw
.underluckystars.com/	1970-01-21 06:25:42	Name: _tt_enable_cookie Value: 1
.underluckystars.com/	1970-01-21 06:25:42	Name: _ttp Value: kKlcTo9qMZIaIMyCytVU2lAcQnw
.ct.pinterest.com/	1970-01-21 05:49:42	Name: _pinterest_ct_ua Value: "TWc9PSZOZmxEVHljaDJXZE1mN3hQOHRvYXJBdU16TjB3Mnc0WFNkbFl3ZGN5RDRkYjdMVjJ5Y0p4SExTMHdUZWVQQ3Q0MFdDM3Z2OTRNbnNDTlR3UzF1OHBYYVB5WUJzajNqK0VmZkllVTA5R1grVT0ma0ZrNStzYmJRVDRhUUNNaFU0bXBCU1lxTHU4PQ=="
.underluckystars.com/	1970-01-20 23:13:42	Name: _fbp Value: fb.1.1717446696192.562873762487313689
www.underluckystars.com/	1970-01-21 06:40:06	Name: tatari-cookie-test Value: 23269997
.doubleclick.net/	1970-01-20 21:04:07	Name: test_cookie Value: CheckForPermission
.underluckystars.com/	1970-01-21 06:40:06	Name: tatari-session-cookie Value: 75a59e26-84ad-a987-b129-3551a1fb3272
.underluckystars.com/	1970-01-20 21:04:06	Name: t-ip Value: 1
.bidr.io/	1970-01-21 06:32:40	Name: bito Value: AADZpk7MvFAAABRW2qHdhw
.bidr.io/	1970-01-21 06:32:40	Name: bitoIsSecure Value: ok
.underluckystars.com/	1970-01-20 21:05:33	Name: _clsk Value: oiz455%7C1717446696595%7C1%7C1%7Ce.clarity.ms%2Fcollect
widget-mediator.zopim.com/	1970-01-20 21:14:11	Name: AWSALBCORS Value: apKGq6RfKfh+oE5ADdfaerFPxyOOGrBNDcZ91LSn4YRAPthDBRfi/acWp6++Vf806VHRe3fA87mzxoFhTHFY+Mdq5NvViLPqplffgx6E0XVgDKqK/T69LV3T/PCp
.c.bing.com/	1970-01-20 21:14:11	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:25:42	Name: SRM_B Value: 229CC43F33A961253665D0AC327B608E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:25:42	Name: MUID Value: 229CC43F33A961253665D0AC327B608E
.c.clarity.ms/	1970-01-20 21:14:11	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:04:07	Name: ANONCHK Value: 0
.underluckystars.com/	1970-01-21 05:49:42	Name: __zlcmid Value: 1M5mlezjTcshdIa
.cardinalcommerce.com/	1969-12-31 23:59:59	Name: __cfruid Value: 5c9f2052339745467bf3768f1a6a925bd89fc924-1717446697

64 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.underluckystars.com/en/pay/1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.underluckystars.com/en/pay/56103c21-6f7e-422a-936d-9db19ab864d4?utm_campaign=hesitation_text&utm_medium=sms&utm_source=hesitation_text Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
assets.braintreegateway.com
assets.zendesk.com
bat.bing.com
browser.sentry-cdn.com
c.bing.com
c.clarity.ms
centinelapi.cardinalcommerce.com
client-analytics.braintreegateway.com
connect.facebook.net
ct.pinterest.com
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
d3j4c7e2o820k1.cloudfront.net
dv1tfaz68u60v.cloudfront.net
dvqigh9b7wa32.cloudfront.net
e.clarity.ms
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
geo.cardinalcommerce.com
googleads.g.doubleclick.net
payments.braintree-api.com
pixel-config.reddit.com
q.quora.com
region1.analytics.google.com
s.pinimg.com
sc-static.net
segment.prod.bidr.io
songbird.cardinalcommerce.com
static.ads-twitter.com
static.zdassets.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
uls-photos.imgix.net
underluc.ky
underluckystars.zendesk.com
writer.cardinalcommerce.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.redditstatic.com
www.underluckystars.com
www.underluckystars.com
104.120.210.155
104.16.53.111
104.18.72.113
104.244.42.131
108.138.40.243
13.248.139.42
142.250.185.132
142.250.186.34
142.250.186.35
146.75.120.157
151.101.0.84
151.101.129.140
151.101.192.84
151.101.2.133
151.101.65.140
151.101.66.133
157.240.252.13
162.159.152.17
20.57.85.160
2001:4860:4802:32::36
216.58.212.130
2600:1901:0:7628::
2600:9000:20ae:1c00:17:3f5c:f800:21
2600:9000:237d:ca00:1a:5a9d:d440:21
2600:9000:237d:e000:d:40c2:7fc0:21
2600:9000:26da:9200:17:f683:1d40:21
2600:9000:26db:d600:3:760:2800:21
2606:4700::c6d9:fbfa
2606:4700::c6d9:fbfb
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c0d::9a
2a02:26f0:e300:298::1931
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::396
2a04:4e42:600::729
2a04:4e42::720
34.247.125.229
35.190.43.134
52.216.41.5
52.57.28.205
52.6.21.232
54.209.91.188
54.239.192.187
68.219.88.97
93.184.221.165
95.100.146.9
02b220926c9cbc094afcdf4c29546ae5ec230ec6609663a1dc5542f109afc257
03cc400198270084c3467816d74dfd6a71d858275fc20229d75b1dc852d45c9d
044b30a80167aa4263caae12b20ab3fbb2cd08f79bf1e2727a7aaa7fbda66b77
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
0e48926025e3bded80dc58ead3a25b95fb9f823d9e7b94bf763c237c88af4122
0ff775138e1690f67634084ee0b972b2b9d736605bf9902e886e56e849f1efa0
15b310a6287387087766f691f465d80744d9585a7bc7f6b49152ba61fa521bce
1b832fc2f9633808df95e0de59c1f8cdad327b4caabdf527988ea3a9f11c49f6
20d54c9f484d15dbdbd01148fc51f3c90e58c25bf8f6419c869b216c64d49e20
223ebff1459ded262b1e57e003cee79bb09877d144d41837884e01ce1d33a430
241dac7da9d2782f58c2ffdc05090ac486b49cde149c879675d189dee66aedf6
2a2c2f8fa2b73becd3760ed3927192ed8ea6b52fc0c933fd873716468b0265f9
2f688cf86928876c5a0bfdb1803055d354c507d6801be11bc161c8fc37335c08
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
34a4addd7d0f6eb7755797b2d2b80e26f88d4a57572d3aa8275b1b4641c87664
35e785339e19d1ec1987cb9c3d8e66fc97f29a287db0b0b590b8dfdd96d4766b
3e6e05033bb8d6addc3661ec3f346a2c9ce96963541152c4d46eebdcb8a6679e
3e88d35a3f38898064c176ff351e3ee4c7d22ab4ca2f52d44a9ef615c4364d5c
4093e24113dcc170051435db8382c56963f43b509e67230091722743ec481ed3
44a4580e94ae11037b8983e43e37a220e72f884217dba5b33a94309db2dcd88b
471d7117ddc6740c2ee7df66d93620e1e9ccde7163913c1dd7e6a061d5b5aaaa
49f44b77dcf6c6d78e309bdea55a83ff9fcd20f461aa08c11416126d1b3663c8
4a1d55a2259841c1012a041dc9aecb3b179e433d95bf75866dd75a1914bd68a7
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
598668082255f69b8585c4aa671f81b589335371e621a7363b7fff229b96731d
5a029f8651c1abf6eb77706476716f84fa986d95ba7f3ade6583106f6f678f3a
5a154a476bd16508d915b7554dd38dac9871c698e572663aa907d099baaf4c08
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
60225727403c85eb1f1cc5a03cce4a45194b972c051ae993928cf85a3c17a193
6272390e4cf506663280e959d86aa790e7b4127fab1531767fc1d272e6aa05b4
63d798e2fd33f1ccc2d7b10c132d1ecdb830a5da196e99cb89d582db2ccc908d
6879c93ab49e4e79ea4286c937326c4fbeef281b7da982e6046cbac4d882fbce
6cbc7a1c3f807864a75777bc2ce45b2ddf3c7e449202baf5eb6d52043ff421b4
6ce9ec8c61b5972b8352a61a2018a9e9697e361f29881501687ae84936144237
721e2c8d5f203461f3d93d9dc42c223b68a77691019cbc44331633376d8ba91d
72adb1767c98a162d01c40662d39150e3686ffc63aaeb81f344e26e7b6ed3b8d
72edc7582944dd48f29916ba0b6fd6bb930b700b6a92fe0b1edee5766312e6ab
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
74ee5f96f25ee999335ab167113b586db5072a1259ad784021bfb91a705b0d45
78d1c949907af4ac820f60197fdc339cafa5b05c64fe0c4739d4b34b2b59335b
7c7c771d8f783ef1c885bc47d31698f2d4dd34f6653d5042c1248b7e21ccdc54
812150c357212c1968f67598dbf5d157a964297a57627f43982261cf1fc1b335
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82e6b2b34e83923f085e9ca5a067be0fe19645060a8d4252d0e800fe328f99f6
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
8433f341d13e5f67101f7ca3b0ec8dc67d0cd64d734d4d797c5131ad2a7b86ca
87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127
8ba3c8134207b8fe997e01aaeeb0da6a974e47613f74ed9db3ccb1934e86c3cf
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
8d96f2bab569289ddb4165a758e624413d4e95ff2fcf8fcff3f400adab0c18ca
9784df5d9fc8a2092d96c3fe651e8aa359acaefa6a84607e0fd0f5d09a3bf305
97e0619ba41d0bb6d802d9bc2d42116d639d514ccfd9cfe2a8c8d5a9f314a9a5
992ae0fe7f1625115780377ea0d7cf4dcf7b7a41022981c957a419959d67cf48
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e100c09698f359a32a2f2ff853de2ecfe1cbffdf0fa6bf666a17f5d8537e25d
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a825037288b9aa8fc3f9b1bebef6b84db9f4588f0ad047ec8560a8e0c99cc34c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b562a50593e22cbd09d4302218ade462eb44bbc2f34dc88298405fbf741ab1b0
b6701f46d4b264ed12b3471e5f88dd6b7b1fd12c3e7d7847136eef2cf9664f5d
b8c0f4596d7df31c353812fe085c2ce3c382de9308ac9cc19b829d325b771438
bcfd25dd4e8aa4c4f264d115071e7f09a474684186f8b97fea39df46ca31f349
c32b39ed9a5e80836d347d294589fe1763b5e01cd98bd1baf70c7fb8acb339c3
c63cbe703a180854b5e8bb01c286a11a9a2527a397a25f07fd583651cab6a62c
c691a7b42e61506e78aed654dd317bbf83137b6881554ad52ef79b682d40ea3e
c939e50605c5a08df1aaf19818f74d2919a9d3c3b7aa7cd90520b8bfc9c5dddc
ca2a24f055cfc558e9c6602c18c73c46f490a706f94a4d86aea09e4232fe6a3c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cdc70890e61dda3b7391c92c0576cd0b04cf636d5dd66d4ac2bc350e6aed8068
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d7670ba5fe935637a5c6b282da6b5b9ff70cc31deb3e21e93fb6d0441f47661e
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
db0e71fc3bae2429414ed7399d6237050e97f77a45cc82f03d2d13120b5f50c1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb69b95a6bdcf5d227ce30d7184839da682c7794fbb93e603b9e39c53a87440
de18b6da10ed146bdac239115c7a7f330e6c1ab02859f09f2e731cd1601d4072
e2b888cde4fbaf1772f4650957b0af44b10304bb30ae68c2e5ef2c82f065fd98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54252ccf29a93145ba978c37518d4459992f29a1dab0fdc018f753c8a17fde0
f5ec4d95771b2da24efd9bf6c18b3ba988e4332c03adc3812d4325fd96a7c6f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74526b298c1f5e28e5325690068efea77223ec2090bc1a9a6ae75a5b84e99fd
f8e5173a0d9b9ff339e68c10a49f0f4bdf70ef7a86dcbd1231ea1393231e56f9
f9a6355b2d7268750b4b2ce83bf0c68eb476d499396f937f89b1aa5447cc0bdc
fcafd6c7d915605ce4321ae53fd667d07b3c82f8fd3a0f5072f056cd2d143725
fcde2bbf6f25e5f5c76cdb69778ffa0231dcee443ce60b36df9d3dde9b6d4567

www.underluckystars.com Open in urlscan Pro 54.209.91.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

97 %HTTPS

42 %IPv6

35 Domains

54 Subdomains

50 IPs

7 Countries

2169 kBTransfer

5410 kBSize

42 Cookies

4 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.underluckystars.com Open in urlscan Pro
54.209.91.188 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

97 %
HTTPS

42 %
IPv6

35
Domains

54
Subdomains

50
IPs

7
Countries

2169 kB
Transfer

5410 kB
Size

42
Cookies

179 HTTP transactions
2 data transactions